First, I would like to know whether anyone has been using 6.2(2) in production?
I have a simple setup with a PIX 520 and 6.2(2). There is one HTTP Proxy server behind the firewall. All users hit the HTTP Proxy, which in turn goes out through the PIX. The Proxy is NATted on the PIX.
Something like this:
nat (inside) 1 ip_of_the_proxy 255.255.255.255 0 0
global (outside) 1 ip_from_global_pool
Now the ISP has two DNS servers. Let's say A & B. After some time of functioning, users can't get URLs resolved. For example, a request for www.download.com returns with a search page from search.msn.com.
When the preference for DNS servers is reversed, say from A & B to B & A, it starts working again.
I changed the nat statement to:
nat (inside) 1 ip_add_of_proxy 255.255.255.255 dns 0 0
Still watching for trouble.
Any clues on what could be the problem? What's the difference between:
nat (inside) 1 IP mask 0 0
nat (inside) 1 IP mask dns 0 0