I am configuring a ASA 5510 and I have a proxy server (in inside interface) that must to connect at externals DNS.
I have created the rules and NATs necessary it, but I am not able to open any web page, just reach the web pages through ip address.
When I make the tests, I have received the message of drop: Drop-reason: (inspect-dns-invalid-pak) DNS Inspect invalid packet message, but I do not know why!
Do you know why this is happing?
How can I fix this?
The rules follow bellow
access-list inside_access_in extended permit udp host PROXY_INTERNET host x.x.x.x eq domain
static (inside,outside) udp x.x.x.x domain PROXY_INTERNET domain netmask 255.255.255.255 dns
policy-map type inspect dns migrated_dns_map_1
message-length maximum 512
inspect h323 h225
inspect h323 ras
inspect dns migrated_dns_map_1
service-policy global_policy global