Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Cisco ASA and DNS

We purchased a bunch of Cisco ASA 5505 for our branch offices. Offices are made up of less than 20 end points. We are using it as a firewall and DHCP server at hte moment but also assumed that it had DNS server capabilities.  Basically use it as a SOHO router.  My research thus far indicates that yes we can use the device as a dns server but it won't resolve locally defined hosts.  So it can relay dns request to an external dns server but won't allow me to configured an a record on the device itself.

Can anyone verify this before I look into purchasing another device just to do local DNS server services?

Thanks!

1 REPLY
Hall of Fame Super Blue

Cisco ASA and DNS

Joe

As far as i know the ASA cannot act as a DNS server nor can it act as a DNS relay. What you can do is -

1) configure DNS servers on the ASA that can be used in certain situations for allowing the ASA to resolve a name to an IP. For example using the Botnet filter on the ASA, SSL certificates etc. require the ASA to be able to qurey external DNS servers.

But this is for use by the ASA itself ie. it is used to resolve names within the ASA config. It is not used to allow clients to ask the ASA to resolve DNS names for them. So it can neither act as a DNS server itself nor can it pass on clients DNS queries to DNS servers.

2) if you use the ASA to hand out IPs via DHCP you can add valid DNS servers within the DHCP config just as you can with Windows DHCP.

Jon

686
Views
0
Helpful
1
Replies
CreatePlease to create content