• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 441
  • Last Modified:

change asa firewall dns address

Trying to add my new isp static info and take off this opendns address off.

sho ver!
no names
name 10.226.72.141 Server
name xx.xx.203 PublicMail
name 10.34.95.0
name 192.168.144.4 IntegratedSolar_Cam
name 192.168.144.2 IntegratedSolar_Meter
name xxx204 IntegratedSolar_MeterPublic
name xxxx205 IntegratedSolar_CamPublic
name xxxx141 IntegratedSolar_Public
name 208.67.222.222 OpenDNS1
name 208.67.220.220 OpenDNS2
name xxxxx202 Outside_Interface
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 10.226.72.140 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address xxxxxx202 255.255.255.248
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
 
speed 100
 duplex full
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
same-security-traffic permit intra-interface
object-group service IntSolar tcp
 port-object eq 9999
object-group network OpenDNS_Servers
 network-object host 208.67.220.220
 network-object host 208.67.222.222
object-group network _networks
 network-object 10.226.72.0 255.255.255.0
object-group network B_networks
 network-object 10.34.95.0 255.255.255.0
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit ip any any
access-list outside_access_in extended permit tcp any host xxx203 eq smtp
access-list outside_access_in extended permit tcp any host xxx203 eq https
access-list outside_access_in extended permit ip host 209xxxx141 host 24.xxx204
access-list outside_access_in extended permit ip any host 24.xxxx205
access-list outside_access_in extended permit icmp any any echo-reply
access-list outside_access_in extended permit icmp any any time-exceeded
access-list outside_access_in extended permit icmp any any unreachable
access-list outside_access_in extended permit ip host 173..141 host 24xxxxx204
access-list outside_access_in extended permit tcp any host 24xxxx202 eq 2080
access-list inside_access_out extended permit ip any any
access-list inside_nat0_outbound extended permit ip 10.226.72.0 255.255.255.0 10.226.73.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip host 10.226.72.194 10.226.73.12 255.255.255.252
access-list 3000client_splitTunnelAcl standard permit 10.226.72.0 255.255.255.0
access-list 3000client_splitTunnelAcl_1 standard permit 10.226.72.0 255.255.255.0
access-list 4000client_splitTunnelAcl standard permit 10.226.72.0 255.255.255.0
access-list 5000client_splitTunnelAcl standard permit host 10.226.72.194
access-list nonat extended permit ip object-group networks object-group B_networks
access-list nonat extended permit ip 10.226.72.0 255.255.255.0 10.226.73.0 255.255.255.0
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool pool 10.226.73.121-10.226.73.124
ip local pool Vendor 10.226.73.12-10.226.73.15
ip local pool ip_pool 10.226.73.106-10.226.73.120
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 10.226.72.0 255.255.255.0
static (inside,outside) tcp interface 2080 10.226.72.135 2080 netmask 255.255.255.255
static (inside,outside) xxx205 192.168.144.4 netmask 255.255.255.255
static (inside,outside) 24.xxxxx203 10.226.72.141 netmask 255.255.255.255
static (inside,outside) 24.xxxxx204 192.168.144.2 netmask 255.255.255.255
access-group inside_access_in in interface inside
access-group inside_access_out out interface inside
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 24.xxxx201 1
route inside 192.168.10.0 255.255.255.248 10.226.72.254 1
route inside 192.168.144.0 255.255.255.240 10.226.72.254 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
 lifetime 43200
telnet 10.226.72.0 255.255.255.0 inside
telnet 10.226.73.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
management-access inside
dhcpd dns 208.67.222.222 208.67.220.220
dhcpd auto_config outside
0
vmagan
Asked:
vmagan
  • 2
1 Solution
 
lruiz52Commented:
Configure terminal
no name 208.67.222.222 OpenDNS1
no name 208.67.220.220 OpenDNS2
no dhcpd dns 208.67.222.222 208.67.220.220

name xx.xx.xx.1
name xx.xx.xx.2
dhcpd dns xx.xx.xx.1 xx.xx.xx.2
0
 
vmaganAuthor Commented:
I will try this tonight. Too scared to try this remotely.

Thanks
0
 
vmaganAuthor Commented:
Nice and easy.

Thanks
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now