shouldnt i be able to? alias

Unanswered Question
May 2nd, 2008
User Badges:

ive added an alias command on my pix and now i can only access the dns server via public ip 67.x.x.x - if alias is another name for something why cant i access the dns server by it's internal ip also 10.10.5.x?

i have to have two rdp connections for the same dns server - if i come in via vpn i have to use 10.10.5.x but if im inside i have to use 67.x.x.x - the server guys are complaining.

ideas?


thanks - Jerry

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
owillins Thu, 05/08/2008 - 07:38
User Badges:
  • Silver, 250 points or more

Try this example. Replace with your IP address

static (dmz,inside) translated_IP real_ip dns


ip address inside 10.1.1.1 255.255.255.0

ip address dmz 172.16.1.1 255.255.255.0

static (dmz,outside) x.x.x.x 172.16.1.5 netmask 255.255.255.255

static (dmz,inside) x.x.x.x 172.16.1.5 netmask 255.255.255.255 dns

For more info about alias Command for the Cisco Secure PIX Firewall

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aee.shtml


jerry.mcrae Thu, 05/08/2008 - 11:10
User Badges:

after i read your reply this morning i was able to ping the internal ip in the dmz - 10.10.5.36 from inside 172.16.1.x with out any changes but as fast as it worked it stopped working again. i have this:

static (DMZ1,outside) 67.13.3.x 10.10.5.36 netmask 255.255.255.255

then i added this:

static (DMZ1,inside) 67.13.3.x 10.10.5.36 netmask 255.255.255.255

cleared xlate and i still couldnt ping it.

im stumped - Jerry

Actions

This Discussion