Wireless Access

New Contributor

Corporate DNS Domain

Dear all


I would like to configure Corporate DNS Domain with remote ap


In AP system profile there is option Corporate DNS Domain . so I put the DNS domain (google.com)


I follow under step.



Defining Corporate DNS Servers
Clients send DNS requests to the corporate DNS server address that it learned from DHCP. If configured for split
tunneling, corporate domains and traffic destined for corporate use the corporate DNS server. For non-corporate
domains and local traffic, other DNS servers can be used.
In the WebUI
1. Navigate to Configuration > Wireless > AP Configuration page.
2. Select either the AP Group or AP Specific tab. Click Edit for the AP group or AP name.
3. Under Profiles, select AP, then AP system profile.
4. Under Profile Details:
a. Enter the corporate DNS servers.
b. Click Add.
The DNS name appears in Corporate DNS Domain list. You can add multiple names the same way.
5. Click Apply.
In the CLI
ap system-profile <profile>
dns-domain <domain name>


where I put the DNS ip for split user ? ???????


It doest DNS IP address for (google.com)

Guru Elite

Re: Corporate DNS Domain

Your corporate DNS server address will come from DHCP.

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor

Re: Corporate DNS Domain

Dear Tim.


User IP and DNS Ip come controller DHCP.


subnet netmask {
default-lease-time 28800;
max-lease-time 28800;
option vendor-class-identifier "ArubaAP";
option vendor-encapsulated-options "";
option domain-name-servers
option routers;


Over DNS IP(  is our campany local dhcp server ip.


But I want to use deffernt DNS IP for branch office user.


If I put the Corporate NDS Domain like under.


When user find google.com. dns quarry to 10.22.1..6 .


Can it change dns ip(local isp dns) when user find google.com ?




AP system profile "vbn_test"
Parameter Value
--------- -----
Backup LMS IP N/A
Backup LMS IPv6 N/A
LMS Preemption Disabled
LMS Hold-down Period 600 sec
Number of IPSEC retries 360
LED operating mode (11n APs only) normal
RF Band g
Double Encrypt Disabled
Root AP Disabled
Native VLAN ID 1
Bootstrap threshold 8
Request Retry Interval 10 sec
Maximum Request Retries 10
Dump Server N/A
Telnet Disabled
SNMP sysContact N/A
AeroScout RTLS Server N/A
RF Band for AM mode scanning all
RTLS Server configuration N/A
Remote-AP DHCP Server VLAN N/A
Remote-AP DHCP Server Id
Remote-AP DHCP Default Router
Remote-AP DHCP DNS Server N/A
Remote-AP DHCP Pool Start
Remote-AP DHCP Pool End
Remote-AP DHCP Pool Netmask
Remote-AP DHCP Lease Time 0 days
Remote-AP uplink total bandwidth 0 kbps
Remote-AP bw reservation 1 N/A
Remote-AP bw reservation 2 N/A
Remote-AP bw reservation 3 N/A
Heartbeat DSCP 0
Session ACL ap-uplink-acl
Corporate DNS Domain google.com
Maintenance Mode Disabled
Remote-AP Local Network Access Disabled




Guru Elite

Re: Corporate DNS Domain

When you set the "Corporate DNS Domain" parameter, everything that has "google.com" will allow DHCP requests to go to the corporate DNS server at  All other DNS resolution will be pointed at the DNS server obtained by the RAP where it is plugged in.  For example, if you plugged in that RAP at your home that has your ISP's DNS server, all non "google.com" DNS traffic will be resolved by your ISP's DNS server.  The key is to plug the RAP in on a connection where it will obtain a DNS server from the local site.


Your must have your wireless traffic on a split tunneled Virtual AP for this to happen.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: