DNS queries from ASA on behalf of client

Answered Question
Mar 19th, 2009

All,

Currently I have a Symantec Firewall (SF) and the Windows DNS server points to it as a forwarder. The SF has the root servers listed in it, and it does lookups for clients when the Windows box can't resolve. Does the ASA do anything like this?

Thanks,

John

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 7 years 8 months ago

John

As far as i am aware the ASA will not forward DNS queries in this way. Obviously you can configure the ASA to allow DNS queries out and back in but that's not the same as your Symantec firewall.

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Jon Marshall Thu, 03/19/2009 - 12:04

John

As far as i am aware the ASA will not forward DNS queries in this way. Obviously you can configure the ASA to allow DNS queries out and back in but that's not the same as your Symantec firewall.

Jon

cisco24x7 Thu, 03/19/2009 - 12:41

The reason you can do this on either Symantec or Checkpoint firewall is because these devices/appliances also have bind installed Therefore, it is possible to have the firewall act as DNS forwarders.

That option is not available in ASA. Cisco ASA has limited features in those areas.

Actions

This Discussion