ASA DNS Doctoring

Hi All

Im having trouble getting DNS Doctoring to work on my ASA 5520. We have the usual setup detailed below

Server on DMZ - 172.16.111.10
Public IP address for NATing - 1.1.1.1
Inside network - 192.168.11.0/24

Here is the relevant config;

static (DMZ,OUTSIDE) 1.1.1.1 172.16.111.10 dns
static (INSIDE,DMZ) 192.168.11.0 192.168.11.0 netmask 255.255.255.0

access-l OUTSIDE_IN per tcp any host 1.1.1.1 eq www

Modular policy is in the default state and layer 7 inspection of DNS is in place

The users will be using external DNS to get to the web sites via the external IP address (1.1.1.1)

Any ideas please? We also have a few web developers that need access to the web server via it's private address (172.16.111.10)

Cheers
Leedham2answersAsked:
Who is Participating?
 
Leedham2answersConnect With a Mentor Author Commented:
http://www.routsec.com/?p=80

This link is awesome
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.