How to get DNS IP's via DHCP on ASA5505

Unanswered Question
May 16th, 2008

I just found why my lookups take so long. My ISP has changed their DNS servers to a dynamic config so my servers are no longer valid and I don't know how to configure my asa5505 to do dhcp to automatically get the dns ip's.

Any help much appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
bhatok Sat, 05/17/2008 - 09:45

You can configure DHCP on your ASA to use the DNS, WINS, and Domain name it obtains from the outside interface using DHCP or PPPOE by using the dhcpd auto_config command.

For example, your outside interface is setup for PPPOE. Use the following for your ASA to hand out dhcp addresses in the and the DNS, WINS, and domain name that it receives from the ISP.

dhcpd address inside

dhcpd auto_config outside

dhcpd enable inside

Hope this helps.


wizumwalt Sat, 05/17/2008 - 12:39

That's what I thought too, and I've got those lines in my config. But everytime I surf the web, my dns lookups take up to a minute because it's not getting the DNS's it needs.

So I've had to put in a DNS address like in my /etc/resolv.conf file till I can get DDNS to work correctly.

srue Sat, 05/17/2008 - 14:25

have you tried a windows box to see if you get the same results?

wizumwalt Sat, 05/17/2008 - 14:50

I don't have a windows box, but I have a mac, and if I put it on a netgear firewall (which I replaced w/ my asa) and put the netgear behind the asa I don't have the lookup delays.

srue Sat, 05/17/2008 - 17:23

is the problem that the ASA won't hand out the DNS servers it pulls from your ISP? or is the problem that the servers it does get aren't returning responses in a timely fashion?

wizumwalt Sat, 05/17/2008 - 21:18

The problem is that it's not able to get dns servers at all. However, any firewall i put behind the ASA is able to get DNS servers so that when I browse from the 2nd firewall, it works fine. But if I browse from the ASA, it takes a while to resolve url's.


This Discussion