• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 765
  • Last Modified:

ASA DNS Doctoring

Hi All

Im having trouble getting DNS Doctoring to work on my ASA 5520. We have the usual setup detailed below

Server on DMZ - 172.16.111.10
Public IP address for NATing - 1.1.1.1
Inside network - 192.168.11.0/24

Here is the relevant config;

static (DMZ,OUTSIDE) 1.1.1.1 172.16.111.10 dns
static (INSIDE,DMZ) 192.168.11.0 192.168.11.0 netmask 255.255.255.0

access-l OUTSIDE_IN per tcp any host 1.1.1.1 eq www

Modular policy is in the default state and layer 7 inspection of DNS is in place

The users will be using external DNS to get to the web sites via the external IP address (1.1.1.1)

Any ideas please? We also have a few web developers that need access to the web server via it's private address (172.16.111.10)

Cheers
0
Leedham2answers
Asked:
Leedham2answers
1 Solution
 
Leedham2answersAuthor Commented:
http://www.routsec.com/?p=80

This link is awesome
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now