change asa firewall dns address

Posted on 2012-03-14
Last Modified: 2012-03-19
Trying to add my new isp static info and take off this opendns address off.

sho ver!
no names
name Server
name xx.xx.203 PublicMail
name IntegratedSolar_Cam
name IntegratedSolar_Meter
name xxx204 IntegratedSolar_MeterPublic
name xxxx205 IntegratedSolar_CamPublic
name xxxx141 IntegratedSolar_Public
name OpenDNS1
name OpenDNS2
name xxxxx202 Outside_Interface
interface Vlan1
 nameif inside
 security-level 100
 ip address
interface Vlan2
 nameif outside
 security-level 0
 ip address xxxxxx202
interface Ethernet0/0
 switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
speed 100
 duplex full
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
same-security-traffic permit intra-interface
object-group service IntSolar tcp
 port-object eq 9999
object-group network OpenDNS_Servers
 network-object host
 network-object host
object-group network _networks
object-group network B_networks
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit ip any any
access-list outside_access_in extended permit tcp any host xxx203 eq smtp
access-list outside_access_in extended permit tcp any host xxx203 eq https
access-list outside_access_in extended permit ip host 209xxxx141 host 24.xxx204
access-list outside_access_in extended permit ip any host 24.xxxx205
access-list outside_access_in extended permit icmp any any echo-reply
access-list outside_access_in extended permit icmp any any time-exceeded
access-list outside_access_in extended permit icmp any any unreachable
access-list outside_access_in extended permit ip host 173..141 host 24xxxxx204
access-list outside_access_in extended permit tcp any host 24xxxx202 eq 2080
access-list inside_access_out extended permit ip any any
access-list inside_nat0_outbound extended permit ip
access-list inside_nat0_outbound extended permit ip host
access-list 3000client_splitTunnelAcl standard permit
access-list 3000client_splitTunnelAcl_1 standard permit
access-list 4000client_splitTunnelAcl standard permit
access-list 5000client_splitTunnelAcl standard permit host
access-list nonat extended permit ip object-group networks object-group B_networks
access-list nonat extended permit ip
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool pool
ip local pool Vendor
ip local pool ip_pool
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1
static (inside,outside) tcp interface 2080 2080 netmask
static (inside,outside) xxx205 netmask
static (inside,outside) 24.xxxxx203 netmask
static (inside,outside) 24.xxxxx204 netmask
access-group inside_access_in in interface inside
access-group inside_access_out out interface inside
access-group outside_access_in in interface outside
route outside 24.xxxx201 1
route inside 1
route inside 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
 lifetime 43200
telnet inside
telnet inside
telnet timeout 5
ssh timeout 5
console timeout 0
management-access inside
dhcpd dns
dhcpd auto_config outside
Question by:vmagan
  • 2
LVL 17

Accepted Solution

lruiz52 earned 500 total points
ID: 37723578
Configure terminal
no name OpenDNS1
no name OpenDNS2
no dhcpd dns

name xx.xx.xx.1
name xx.xx.xx.2
dhcpd dns xx.xx.xx.1 xx.xx.xx.2

Author Comment

ID: 37725916
I will try this tonight. Too scared to try this remotely.


Author Closing Comment

ID: 37739969
Nice and easy.


Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA version 8.2 NAT to version 9 NAT 3 34
cisco sg 200 trunking 4 24
Cisco ASA dns and browsing 20 32
cisco 2800 cannot ping lan 4 18
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
This past year has been one of great growth and performance for OnPage. We have added many features and integrations to the product, making 2016 an awesome year. We see these steps forward as the basis for future growth.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question