change asa firewall dns address

Posted on 2012-03-14
Last Modified: 2012-03-19
Trying to add my new isp static info and take off this opendns address off.

sho ver!
no names
name Server
name xx.xx.203 PublicMail
name IntegratedSolar_Cam
name IntegratedSolar_Meter
name xxx204 IntegratedSolar_MeterPublic
name xxxx205 IntegratedSolar_CamPublic
name xxxx141 IntegratedSolar_Public
name OpenDNS1
name OpenDNS2
name xxxxx202 Outside_Interface
interface Vlan1
 nameif inside
 security-level 100
 ip address
interface Vlan2
 nameif outside
 security-level 0
 ip address xxxxxx202
interface Ethernet0/0
 switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
speed 100
 duplex full
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
same-security-traffic permit intra-interface
object-group service IntSolar tcp
 port-object eq 9999
object-group network OpenDNS_Servers
 network-object host
 network-object host
object-group network _networks
object-group network B_networks
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit ip any any
access-list outside_access_in extended permit tcp any host xxx203 eq smtp
access-list outside_access_in extended permit tcp any host xxx203 eq https
access-list outside_access_in extended permit ip host 209xxxx141 host 24.xxx204
access-list outside_access_in extended permit ip any host 24.xxxx205
access-list outside_access_in extended permit icmp any any echo-reply
access-list outside_access_in extended permit icmp any any time-exceeded
access-list outside_access_in extended permit icmp any any unreachable
access-list outside_access_in extended permit ip host 173..141 host 24xxxxx204
access-list outside_access_in extended permit tcp any host 24xxxx202 eq 2080
access-list inside_access_out extended permit ip any any
access-list inside_nat0_outbound extended permit ip
access-list inside_nat0_outbound extended permit ip host
access-list 3000client_splitTunnelAcl standard permit
access-list 3000client_splitTunnelAcl_1 standard permit
access-list 4000client_splitTunnelAcl standard permit
access-list 5000client_splitTunnelAcl standard permit host
access-list nonat extended permit ip object-group networks object-group B_networks
access-list nonat extended permit ip
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool pool
ip local pool Vendor
ip local pool ip_pool
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1
static (inside,outside) tcp interface 2080 2080 netmask
static (inside,outside) xxx205 netmask
static (inside,outside) 24.xxxxx203 netmask
static (inside,outside) 24.xxxxx204 netmask
access-group inside_access_in in interface inside
access-group inside_access_out out interface inside
access-group outside_access_in in interface outside
route outside 24.xxxx201 1
route inside 1
route inside 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
 lifetime 43200
telnet inside
telnet inside
telnet timeout 5
ssh timeout 5
console timeout 0
management-access inside
dhcpd dns
dhcpd auto_config outside
Question by:vmagan
  • 2
LVL 17

Accepted Solution

lruiz52 earned 500 total points
ID: 37723578
Configure terminal
no name OpenDNS1
no name OpenDNS2
no dhcpd dns

name xx.xx.xx.1
name xx.xx.xx.2
dhcpd dns xx.xx.xx.1 xx.xx.xx.2

Author Comment

ID: 37725916
I will try this tonight. Too scared to try this remotely.


Author Closing Comment

ID: 37739969
Nice and easy.


Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Wifi install - small London office 9 110
ASA to pfsense IPSec site to site tunnel 17 51
Cisco Prime and Maps 3 36
Cisco UCS: C-Series, bios failed power-on self test 2 22
Have you experienced traffic destined through a Cisco ASA firewall disappears and you do not know if the traffic stops in the firewall or somewhere else? The solution is the capture feature. This feature was released in 6.2(1) and works in all firew…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now