Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
872
Views
5
Helpful
3
Replies

Can Cisco 5510 configure to do dns forwarder?

Go to solution
VincentLong
Level 1
Level 1

‎06-28-2010 02:35 AM - edited ‎03-09-2019 11:02 PM

Hi,

My client is using the public dns but they don't want dhcp to give dns as public dns. They want it to point to firewall then only firewall forward the dns to public DNS. Would it possible for ASA 5510?


Regards,

Hing

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kevin Redmon
Cisco Employee
Cisco Employee

‎06-29-2010 03:45 PM

Hing,

Sort of - you could configure a static statement on the ASA that will equate to the DNS's IP address.  For instance:

static (outside, inside) 10.1.1.253 1.1.1.1

You would also have to ensure that UDP 53 traffic is also allowed via access-list on your inside interface.  On your DHCP server, you would then configure the IP address 10.1.1.253 as your DNS server - in reality, the ASA will simply translate that IP address to the real 1.1.1.1 address.

Hope this helps,

Kevin

View solution in original post

3 Replies 3

Go to solution
Kevin Redmon
Cisco Employee
Cisco Employee

‎06-29-2010 03:45 PM

Hing,

Sort of - you could configure a static statement on the ASA that will equate to the DNS's IP address.  For instance:

static (outside, inside) 10.1.1.253 1.1.1.1

You would also have to ensure that UDP 53 traffic is also allowed via access-list on your inside interface.  On your DHCP server, you would then configure the IP address 10.1.1.253 as your DNS server - in reality, the ASA will simply translate that IP address to the real 1.1.1.1 address.

Hope this helps,

Kevin

Go to solution
VincentLong
Level 1
Level 1
In response to Kevin Redmon

‎06-29-2010 08:29 PM

Hi Kevin,

Thanks alot. That was a brilliant idea.

Regards,

Hing

0 Helpful

Go to solution
Kevin Redmon
Cisco Employee
Cisco Employee
In response to VincentLong

‎06-30-2010 06:41 AM

Hing,

If you have any further questions, please let us know.  If this solution works for you, please be sure to mark this question as answered.

Thanks in advance,

Kevin

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents