Wireless Access

Dear all

I would like to configure Corporate DNS Domain with remote ap

In AP system profile there is option Corporate DNS Domain . so I put the DNS domain (google.com)

I follow under step.

Defining Corporate DNS Servers
Clients send DNS requests to the corporate DNS server address that it learned from DHCP. If configured for split
tunneling, corporate domains and traffic destined for corporate use the corporate DNS server. For non-corporate
domains and local traffic, other DNS servers can be used.
In the WebUI
1. Navigate to Configuration > Wireless > AP Configuration page.
2. Select either the AP Group or AP Specific tab. Click Edit for the AP group or AP name.
3. Under Profiles, select AP, then AP system profile.
4. Under Profile Details:
a. Enter the corporate DNS servers.
b. Click Add.
The DNS name appears in Corporate DNS Domain list. You can add multiple names the same way.
5. Click Apply.
In the CLI
ap system-profile <profile>
dns-domain <domain name>

where I put the DNS ip for split user ? ???????

It doest DNS IP address for (google.com)

Dear Tim.

User IP and DNS Ip come controller DHCP.

subnet 10.56.201.0 netmask 255.255.255.0 {
default-lease-time 28800;
max-lease-time 28800;
option vendor-class-identifier "ArubaAP";
option vendor-encapsulated-options "172.16.0.254";
option domain-name-servers 10.22.1.6
option routers 10.56.201.1;
range 10.56.201.2 10.56.201.254;
authoritative;

Over DNS IP(10.22.1.6)  is our campany local dhcp server ip.

But I want to use deffernt DNS IP for branch office user.

If I put the Corporate NDS Domain like under.

When user find google.com. dns quarry to 10.22.1..6 .

Can it change dns ip(local isp dns) when user find google.com ?

AP system profile "vbn_test"
----------------------------
Parameter Value
--------- -----
LMS IP N/A
LMS IPv6 N/A
Backup LMS IP N/A
Backup LMS IPv6 N/A
LMS Preemption Disabled
LMS Hold-down Period 600 sec
Number of IPSEC retries 360
LED operating mode (11n APs only) normal
RF Band g
Double Encrypt Disabled
Root AP Disabled
Native VLAN ID 1
SAP MTU N/A
Bootstrap threshold 8
Request Retry Interval 10 sec
Maximum Request Retries 10
Dump Server N/A
Telnet Disabled
SNMP sysContact N/A
AeroScout RTLS Server N/A
RF Band for AM mode scanning all
RTLS Server configuration N/A
Remote-AP DHCP Server VLAN N/A
Remote-AP DHCP Server Id 192.168.11.1
Remote-AP DHCP Default Router 192.168.11.1
Remote-AP DHCP DNS Server N/A
Remote-AP DHCP Pool Start 192.168.11.2
Remote-AP DHCP Pool End 192.168.11.254
Remote-AP DHCP Pool Netmask 255.255.255.0
Remote-AP DHCP Lease Time 0 days
Remote-AP uplink total bandwidth 0 kbps
Remote-AP bw reservation 1 N/A
Remote-AP bw reservation 2 N/A
Remote-AP bw reservation 3 N/A
Heartbeat DSCP 0
Session ACL ap-uplink-acl
Corporate DNS Domain google.com
Maintenance Mode Disabled
Remote-AP Local Network Access Disabled

When you set the "Corporate DNS Domain" parameter, everything that has "google.com" will allow DHCP requests to go to the corporate DNS server at 10.22.1.6.  All other DNS resolution will be pointed at the DNS server obtained by the RAP where it is plugged in.  For example, if you plugged in that RAP at your home that has your ISP's DNS server, all non "google.com" DNS traffic will be resolved by your ISP's DNS server.  The key is to plug the RAP in on a connection where it will obtain a DNS server from the local site.

Your must have your wireless traffic on a split tunneled Virtual AP for this to happen.