Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

DNS Doctoring - network range

Hello

I find plenty of examples of host configurations, like...

static (dmz,inside) X.X.X.X Y.Y.Y.Y netmask 255.255.255.255 dns

Can I also configure it for networks, like...

static (dmz,inside) X.X.X.X Y.Y.Y.Y netmask 255.255.255.0 dns

The reason to deploy the network method would be when I don't know all the internal servers being targeted by clients.

Thanks you for helping me

Everyone's tags (3)
1 REPLY

DNS Doctoring - network range

Hi Bro

This is not possible. Let me explain why.

Firstly, it should be static (inside,dmz) not the other way around, unless of course you're doing a 2-way NAT which is not your case.

The statement static (inside,dmz) 10.10.10.0 20.20.20.0 netmask 255.255.255.0 means you're doing IP TRANSLATION, which is not what you're doing either.

The only reason you use DNS Doctoring, is so that LAN users are able to see the internal web servers as a private address (the real address) when the DNS client is on LAN.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807968c8.shtml#intro

P/S: if you think this comment is useful, please do rate them nicely :-)

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department
297
Views
0
Helpful
1
Replies
CreatePlease login to create content