How to configure ASA 5505 as a DNS server

Unanswered Question
Nov 16th, 2011

I want to configure my Cisco asa 5505 as a dns server, so that when i configure any of my network systems ip address and use my firewall as a default gateway and dns ip, the system should be able to browse internet.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
naushad_khan Wed, 11/16/2011 - 00:55

I need my network systems to use internet, when default gateway of the firewall is provided.

Cadet Alain Wed, 11/16/2011 - 01:02

Hi,

The ASA can't act as DNS server or proxy-dns as far as I'm aware of.Even though it can serve as DHCP server or Relay,the features are limited compared to IOS and that's understandable because its primary focus is security.

Regards.

Alain

chaitu_kranthi Wed, 11/16/2011 - 04:34

Hi,  Hope this will helpful to you.        Configuring the DNS Server  Some ASA features require use of a DNS server to access external servers by domain name; for example, the Botnet Traffic Filter feature requires a DNS server to access the dynamic database server and to resolve entries in the static database. Other features, such as the ping or traceroute command, let you enter a name that you want to PING for traceroute, and the ASA can resolve the name by communicating with a DNS server. Many SSL VPN and certificate commands also support names.    Step 1         dns domain-lookup interface_name  Example:  hostname(config)# dns domain-lookup inside        Enables the ASA to send DNS requests to a DNS server to perform a name lookup for supported commands.  Step 2         dns server-group DefaultDNS  Example:  hostname(config)# dns server-group  DefaultDNS         Specifies the DNS server group that the ASA uses for from-the-box requests.  Other DNS server groups can be configured for VPN tunnel groups. See the tunnel-group command in the Cisco ASA 5500 Series Command Reference for more information.  Step 3         name-server ip_address [ip_address2]  [...] [ip_address6]  Example:  hostname(config-dns-server-group)#  name-server 10.1.1.5 192.168.1.67  209.165.201.6         Specifies one or more DNS servers. You can enter all 6 IP addresses in the same command, separated by spaces, or you can enter each command separately. The security appliance tries each DNS server in order until it receives a response.

Cadet Alain Wed, 11/16/2011 - 04:49

Hi,

But this is not offering DNS services to clients as the OP asked.

Regards.

Alain

Actions

Login or Register to take actions

This Discussion

Posted November 16, 2011 at 12:41 AM
Stats:
Replies:5 Avg. Rating:
Views:2630 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard

Rank Username Points
1 7,861
2 6,140
3 3,170
4 1,473
5 1,446