Configuring an extra DNS on a Cisco PIX 501 Firewall

Hi, I have a Cisco PIX 501 with 6.1 firmware, connected this way:

  Cisco Router <--> PIX 501 (DHCP) <--> LAN

I'm setting up an internal DNS for the LAN on Windows 2003 (static address). I want to set up the DHCP on the PIX to automatically propagate the correct DNS through the network.

"dhcpd dns"  already has two addresses configured for the Internet... how do I add one more for the internal network?
markps_1Asked:
 
calvinetterCommented:
>how do I add one more for the internal network?
  Sorry, 2 is the limit on PIX, even on much newer version 6.3 or even 7.x.

>what is the point of the Router since the firewall is doing the NAT..?
  Usually it's because the router's directly connected to a T1 or other type of WAN connection that the PIX doesn't support - PIX only has ethernet interfaces.  Or in situations when you need a true router on the WAN connection (a PIX is *not* a router!).  Also, often a PIX is added later when some organization wants to "beef up security" for their Internet access.

cheers
 
markps_1Author Commented:
Another quick question is what is the point of the Router since the firewall is doing the NAT..?
 
markps_1Author Commented:
So, is there any harm in dumping one of the ISP's DNS and adding mine?
 
calvinetterCommented:
No, shouldn't be a problem.  Though if you're setting up an internal DNS server, might as well set up both ISP's DNS servers as forwarders on your Win2003 DNS server, that way if the single ISP DNS server given out by the PIX is unavailable, your workstations & your server will still be able to resolve Internet addresses.
  Either that, or just disable DHCP on the PIX, install & set up DHCP on the Win2003 server; a Windows DHCP server will allow you to specify more than 2 DNS servers.

cheers
 
markps_1Author Commented:
I can't move the DHCP on windows. Internal decisions here.

I've just tried to set the new "dhcpd dns" on the PIX but it won't go through...

I've typed "configure terminal", then "dhcpd dns (ISP's DNS) (Internal DNS)", and then when I type "Show Configuration" the configuration didn't change. I've been able to change other things here and there. Any clue why I can't change the DHCPD DNS? I've also tried to delete it with "no dhcpd dns" and it didn't do anything either.

Any clue?
 
calvinetterCommented:
"show config" only shows you the saved config on the PIX.  Do "sh run" (or "write t") to display the current "running config" which will verify whether your changes were made.  When you're satisfied, make the change permanent by "wr mem".

cheers
0
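The saved-versus-running distinction from the answer above, as an added example that is not part of the original thread: a small Python check that compares pasted "show config" and "sh run" text and lists what has not been written with "wr mem" yet. The sample configs and their addresses are constructed placeholders, and treating lines that start with ":" as comments is an assumption about the pasted output.

```python
# Constructed sample text standing in for pasted "show config" (saved) and
# "sh run" (running) output; all addresses are placeholders.
SAVED_CONFIG = """\
: Saved
dhcpd address 10.0.0.100-10.0.0.131 inside
dhcpd dns 192.0.2.53 198.51.100.53
dhcpd enable inside
"""

RUNNING_CONFIG = """\
dhcpd address 10.0.0.100-10.0.0.131 inside
dhcpd dns 192.0.2.53 10.0.0.10
dhcpd enable inside
"""


def config_lines(text):
    """Return the non-empty config lines in order, skipping ':' comment lines
    (assumption: such lines carry no configuration)."""
    lines = []
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith(":"):
            lines.append(line)
    return lines


def unsaved_changes(running_text, saved_text):
    """Return (pending, stale): lines only in the running config, and lines
    only in the saved config, each in their original order."""
    running = config_lines(running_text)
    saved = config_lines(saved_text)
    pending = [line for line in running if line not in saved]
    stale = [line for line in saved if line not in running]
    return pending, stale


def dhcpd_dns_servers(text):
    """Return the servers listed on the 'dhcpd dns' line, or [] if absent."""
    for line in config_lines(text):
        parts = line.split()
        if parts[:2] == ["dhcpd", "dns"]:
            return parts[2:]
    return []


if __name__ == "__main__":
    pending, stale = unsaved_changes(RUNNING_CONFIG, SAVED_CONFIG)
    for line in pending:
        print("running only (not yet saved):", line)
    for line in stale:
        print("saved only (would return on reload):", line)
```

An empty result from `unsaved_changes` means the running and saved copies agree, which is the state to expect right after "wr mem".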
 
markps_1Author Commented:
Hey thanks for the fast responses! A+
 
calvinetterCommented:
No problem!
Question has a verified solution.