dns on pix

hi i have just configure dns servers on my local lan 192.168.1.x behind a pix

if i use the servers locally there is no problem, but when i tried to do it outside y reicive timeouts from nslookup

i did nat rule form outside to inside addreses, and also acl to allow domain on upd an tcp


static (inside,outside) xx2.mydomain.com.mx 192.168.1.2 netmask 255.255.255.255 0 0

access-list 100 permit udp host xx2.mydomain.com.mx any eq domain
access-list 100 permit tcp host xx2.mydomain.com.mx any eq domain  

can someone tell me how can i cheked if there is a problem with my dns configuration (reverse address) or firewall stuff

regards
Alejandro_LopezAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lrmooreCommented:
Assuming that xx2.mydomain.com.mx is actually a public IP address, your acl is backwards:

   >access-list 100 permit udp host xx2.mydomain.com.mx any eq domain

Should be:
    access-list 100 permit udp any host <ip address> eq domain

Then re-apply the acl:
   access-group 100 in interface outside
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Alejandro_LopezAuthor Commented:
Irmoore

Thanks i was doing inverse thing, i still have some kind of trouble but now can access dns server so it's a reverse ip stuff

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.