• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 620
  • Last Modified:

Cisco PIX 506E How to change outside DNS?

I have a single network behind a Cisco PIX 506E, with a single VPN link configured to another office. We will be switching from one ISP to another soon, but our IP addresses will remain the same. However, they do recommend that we change the outside DNS IP's to the ones on the new network to be safe. I do not use the DHCP feature on the PIX, I have a Windows 2003 DHCP server. Can someone walk me through the CLI to make this change on the PIX gateway? I beleive we're using version 6.3(5).
0
dburk1
Asked:
dburk1
  • 3
  • 3
1 Solution
 
JFrederick29Commented:
You don't need to change the DNS settings on the PIX as it has no impact on your client DNS traffic.  If you are handing your clients your ISP's DNS servers, change the scope options to reflect the new DNS servers on the Windows DHCP server.  If you have internal DNS servers and use Forwarders to your ISP's DNS servers, change the forwarders to the new DNS servers.
0
 
dburk1Author Commented:
All of my internal clients use DHCP and point to our two Windows 2003 DC's in their DNS settings. I checked our DNS configuration on the primary server, and there's no forwarders listed. It would seem that the outward facing DNS settings would be a the PIX. Am I wrong?    
0
 
JFrederick29Commented:
If you have no forwarders on your Microsoft DNS servers, they are using Root Hints (default) so they query the top level root DNS servers.  The PIX is not involved at all.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
dburk1Author Commented:
Yes, I see the root hints. So when I switch to the other network, there's really nothing to re-configure is what you're saying if all the IP's remain the same? Then why did the telco person recommend the change?
0
 
JFrederick29Commented:
>So when I switch to the other network, there's really nothing to re-configure is what you're saying if all the IP's remain the same?
Correct.

>Then why did the telco person recommend the change?
Probably in case you were using their DNS servers for lookups which you are not.
0
 
dburk1Author Commented:
Thanks, much appreciated.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now