Core issue
The issue is documented in Cisco bug ID CSCsd35775.
The problem occurs after an upgrade from PIX Firewall software 6.3.4 to 6.3.5(105). The DNS replies are blocked by the outbound ACL for Domain Name System (DNS) queries initiated from outside to inside. The ACL does not have explicit access control entries to allow DNS replies from theDNS server back to the client.
Resolution
For a workaround, explicitly permit the traffic from source UDP port 53 and the address of the inside DNS server in the ACL.
As an alternative, upgrade the PIX code to version 6.3(5.109) or the latest version. Refer to Software Download: Cisco PIX Security Appliance Software.
Product Family
Firewall - PIX 500 series
PIX Software Version
PIX version 6.x
Can You Ping...
Client can ping by IP, but not by name