Can a Cisco 5510 be configured as a DNS forwarder?

Answered Question
Jun 28th, 2010

Hi,

My client is using a public DNS server, but they don't want DHCP to hand out the public DNS server as the DNS setting. They want clients to point to the firewall, and only then have the firewall forward the DNS queries to the public DNS server. Would this be possible on an ASA 5510?


Regards,

Hing

Correct Answer by Kevin Redmon, Tue, 06/29/2010 - 15:45 (about 6 years 7 months ago)

Hing,

Sort of - you could configure a static statement on the ASA that will equate to the DNS's IP address.  For instance:

static (outside, inside) 10.1.1.253 1.1.1.1

You would also have to ensure that UDP 53 traffic is also allowed via access-list on your inside interface.  On your DHCP server, you would then configure the IP address 10.1.1.253 as your DNS server - in reality, the ASA will simply translate that IP address to the real 1.1.1.1 address.

Hope this helps,

Kevin
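
The pieces named in the answer above (static translation, inside access-list, DHCP option), put together as an added configuration example that is not part of the original answer. It assumes ASA software 8.2 or earlier (the release family that uses this `static` form), interface names `inside`/`outside`, an inside subnet of 10.1.1.0/24, and a hypothetical ACL name `INSIDE_IN`.

```cisco
! Constructed example; interface names, subnet and ACL name are assumptions.

! Present the public resolver 1.1.1.1 (reached via outside) to inside
! hosts as 10.1.1.253. The ASA translates only; it does not cache or recurse.
static (outside,inside) 10.1.1.253 1.1.1.1 netmask 255.255.255.255

! Needed only when an ACL is already applied inbound on the inside interface.
! With no ACL on inside, inside-to-outside traffic is permitted by default.
! Before 8.3 the ACL matches the address as seen on that interface,
! so the destination here is the mapped address 10.1.1.253.
access-list INSIDE_IN extended permit udp 10.1.1.0 255.255.255.0 host 10.1.1.253 eq domain
! Resolvers retry over TCP 53 when a UDP response is truncated.
access-list INSIDE_IN extended permit tcp 10.1.1.0 255.255.255.0 host 10.1.1.253 eq domain
! An applied ACL ends in an implicit deny: keep the existing permit
! entries for all other inside traffic before binding it.
access-group INSIDE_IN in interface inside

! Only if the ASA itself is the DHCP server for the inside network;
! otherwise set 10.1.1.253 as the DNS option on the external DHCP server.
dhcpd dns 10.1.1.253 interface inside

! Checks from the ASA CLI (10.1.1.10 is a constructed client address):
!   show xlate
!   packet-tracer input inside udp 10.1.1.10 1025 10.1.1.253 53
```

Clients then see only 10.1.1.253 in their DNS settings, while firewall logs and upstream queries show the real resolver address.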

Kevin Redmon Wed, 06/30/2010 - 06:41

Hing,

If you have any further questions, please let us know.  If this solution works for you, please be sure to mark this question as answered.

Thanks in advance,

Kevin
