Solved

ASA DNS Doctoring

Posted on 2012-03-26
1
757 Views
Last Modified: 2012-03-26
Hi All

Im having trouble getting DNS Doctoring to work on my ASA 5520. We have the usual setup detailed below

Server on DMZ - 172.16.111.10
Public IP address for NATing - 1.1.1.1
Inside network - 192.168.11.0/24

Here is the relevant config;

static (DMZ,OUTSIDE) 1.1.1.1 172.16.111.10 dns
static (INSIDE,DMZ) 192.168.11.0 192.168.11.0 netmask 255.255.255.0

access-l OUTSIDE_IN per tcp any host 1.1.1.1 eq www

Modular policy is in the default state and layer 7 inspection of DNS is in place

The users will be using external DNS to get to the web sites via the external IP address (1.1.1.1)

Any ideas please? We also have a few web developers that need access to the web server via it's private address (172.16.111.10)

Cheers
0
Comment
Question by:Leedham2answers
1 Comment
 

Accepted Solution

by:
Leedham2answers earned 0 total points
ID: 37765192
http://www.routsec.com/?p=80

This link is awesome
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Wifi install - small London office 9 110
Quality settings for cisco routers 8 53
Access List 2 18
logging buffered 8 39
If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
When I upgraded my ASA 8.2 to 8.3, I realized that my nonat statement was failing!   The log showed the following error:     %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows It was caused by the config upgrade, because t…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now