Solved

change asa firewall dns address

Posted on 2012-03-14
Last Modified: 2012-03-19
Trying to add my new ISP static info and take this OpenDNS address off.

sho ver!
no names
name 10.226.72.141 Server
name xx.xx.203 PublicMail
name 10.34.95.0
name 192.168.144.4 IntegratedSolar_Cam
name 192.168.144.2 IntegratedSolar_Meter
name xxx204 IntegratedSolar_MeterPublic
name xxxx205 IntegratedSolar_CamPublic
name xxxx141 IntegratedSolar_Public
name 208.67.222.222 OpenDNS1
name 208.67.220.220 OpenDNS2
name xxxxx202 Outside_Interface
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 10.226.72.140 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address xxxxxx202 255.255.255.248
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
 speed 100
 duplex full
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
same-security-traffic permit intra-interface
object-group service IntSolar tcp
 port-object eq 9999
object-group network OpenDNS_Servers
 network-object host 208.67.220.220
 network-object host 208.67.222.222
object-group network _networks
 network-object 10.226.72.0 255.255.255.0
object-group network B_networks
 network-object 10.34.95.0 255.255.255.0
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit ip any any
access-list outside_access_in extended permit tcp any host xxx203 eq smtp
access-list outside_access_in extended permit tcp any host xxx203 eq https
access-list outside_access_in extended permit ip host 209xxxx141 host 24.xxx204
access-list outside_access_in extended permit ip any host 24.xxxx205
access-list outside_access_in extended permit icmp any any echo-reply
access-list outside_access_in extended permit icmp any any time-exceeded
access-list outside_access_in extended permit icmp any any unreachable
access-list outside_access_in extended permit ip host 173..141 host 24xxxxx204
access-list outside_access_in extended permit tcp any host 24xxxx202 eq 2080
access-list inside_access_out extended permit ip any any
access-list inside_nat0_outbound extended permit ip 10.226.72.0 255.255.255.0 10.226.73.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip host 10.226.72.194 10.226.73.12 255.255.255.252
access-list 3000client_splitTunnelAcl standard permit 10.226.72.0 255.255.255.0
access-list 3000client_splitTunnelAcl_1 standard permit 10.226.72.0 255.255.255.0
access-list 4000client_splitTunnelAcl standard permit 10.226.72.0 255.255.255.0
access-list 5000client_splitTunnelAcl standard permit host 10.226.72.194
access-list nonat extended permit ip object-group networks object-group B_networks
access-list nonat extended permit ip 10.226.72.0 255.255.255.0 10.226.73.0 255.255.255.0
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool pool 10.226.73.121-10.226.73.124
ip local pool Vendor 10.226.73.12-10.226.73.15
ip local pool ip_pool 10.226.73.106-10.226.73.120
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 10.226.72.0 255.255.255.0
static (inside,outside) tcp interface 2080 10.226.72.135 2080 netmask 255.255.255.255
static (inside,outside) xxx205 192.168.144.4 netmask 255.255.255.255
static (inside,outside) 24.xxxxx203 10.226.72.141 netmask 255.255.255.255
static (inside,outside) 24.xxxxx204 192.168.144.2 netmask 255.255.255.255
access-group inside_access_in in interface inside
access-group inside_access_out out interface inside
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 24.xxxx201 1
route inside 192.168.10.0 255.255.255.248 10.226.72.254 1
route inside 192.168.144.0 255.255.255.240 10.226.72.254 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
 lifetime 43200
telnet 10.226.72.0 255.255.255.0 inside
telnet 10.226.73.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
management-access inside
dhcpd dns 208.67.222.222 208.67.220.220
dhcpd auto_config outside
Question by:vmagan
Accepted Solution

by: lruiz52 earned 500 total points
Configure terminal
no name 208.67.222.222 OpenDNS1
no name 208.67.220.220 OpenDNS2
no dhcpd dns 208.67.222.222 208.67.220.220

! The name command requires a label; NewDNS1 and NewDNS2 are placeholders.
name xx.xx.xx.1 NewDNS1
name xx.xx.xx.2 NewDNS2
dhcpd dns xx.xx.xx.1 xx.xx.xx.2
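
One way to confirm that nothing else still points at the old resolvers once the change above is made (an added example, not code from the thread): this Python script scans a saved running-config for the OpenDNS addresses and separates top-level commands that can be negated with "no" from sub-commands that live inside a parent block. The sample config is a constructed excerpt of the one in the question, and the function names are this example's own.

```python
import re

# Constructed sample: trimmed excerpt of the running-config posted in the question.
SAMPLE_CONFIG = """\
name 10.226.72.141 Server
name 208.67.222.222 OpenDNS1
name 208.67.220.220 OpenDNS2
!
object-group network OpenDNS_Servers
 network-object host 208.67.220.220
 network-object host 208.67.222.222
object-group network B_networks
 network-object 10.34.95.0 255.255.255.0
dhcpd dns 208.67.222.222 208.67.220.220
dhcpd auto_config outside
"""
OLD_DNS = ("208.67.222.222", "208.67.220.220")


def find_references(config, addresses):
    """Return (line_no, parent, command) for each line mentioning an address.
    parent is the enclosing top-level command for an indented sub-command, else None.
    """
    # Match whole dotted quads only (no partial hits inside a longer address).
    quads = "|".join(re.escape(a) for a in addresses)
    pattern = re.compile(r"(?<![\d.])(?:" + quads + r")(?![\d.])")
    hits, parent = [], None
    for no, raw in enumerate(config.splitlines(), start=1):
        line = raw.rstrip()
        if not line or line == "!":
            continue
        if not raw.startswith(" "):
            parent = line  # a new top-level command starts here
        if pattern.search(line):
            hits.append((no, None if line == parent else parent, line.strip()))
    return hits


def removal_commands(hits):
    """'no ...' lines for top-level hits, plus parents whose sub-commands need review."""
    remove = ["no " + cmd for _, parent, cmd in hits if parent is None]
    review = sorted({parent for _, parent, _ in hits if parent is not None})
    return remove, review


if __name__ == "__main__":
    remove, review = removal_commands(find_references(SAMPLE_CONFIG, OLD_DNS))
    print("\n".join(remove))
    print("review:", review)
```

On the posted config this yields the same three "no" commands as the accepted answer and also flags object-group network OpenDNS_Servers, which still lists both old addresses after the change.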
Author Comment

by:vmagan
I will try this tonight. Too scared to try this remotely.

Thanks
Author Closing Comment

by:vmagan
Nice and easy.

Thanks