×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.
jekrauss Tue, 07/10/2001 - 07:06
User Badges:

If your DNS server on the DMZ has a static to the outside, then you are trying to send a packet through the outside interface, then turn back around and come back in the outside interface.


This is essentially a redirect, which the ASA (rule engine) of the PIX will not permit. You should be able to reach the dns server using the private ip address or by domain name if using the alias command.


If you are not using a static for your DNS server, and it is dual-homed, then it should work fine (kind of defeats the purpose of the PIX though).


HTH

Jeff

Actions

This Discussion