Cisco Support Community

BIND and ASA 5510 w/ 8.0(2)

Has anyone experienced DNS resolution problems using BIND behind an ASA running 8.0(2) with the default inspection policies applied? Any help is appreciated...

I'm seeing DNS requests go out to the internet, via packet capture, but nothing returning. However, I haven't looked at the packets further to identify if they're being altered in some way...


Re: BIND and ASA 5510 w/ 8.0(2)

Since you said you're using BIND, I assume you mean it's having trouble forwarding queries across your firewall to the Internet?

Or are Internet users querying against your BIND server?

I once had to change the message-length maximum in order for zone transfers to work properly, but nothing for normal DNS queries.

Re: BIND and ASA 5510 w/ 8.0(2)

You are correct. BIND is sending requests through the ASA (ASA is translating and passing the packets - I've taken captures on inside/outside interfaces) but no replies are coming back. I'm wondering if there is some odd DNS packet alteration going on?

I built a Windows DNS server, and things seem to be working normally...

Any insight or experience is appreciated...