I've been tasked with converting a Netscreeen fw to ASA 5520. All is well except for some of the fw policy where they have used fqdn for a host in the "untrust" portion of the policy. On the netscreen, you can configure a dns server and it will go out and resolve these fqdn's. Does the ASA allow for something like this? I've looked through the cmd reference, etc and haven't found it.