Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

DNS Doctoring - network range


I find plenty of examples of host configurations, like...

static (dmz,inside) X.X.X.X Y.Y.Y.Y netmask dns

Can I also configure it for networks, like...

static (dmz,inside) X.X.X.X Y.Y.Y.Y netmask dns

The reason to deploy the network method would be when I don't know all the internal servers being targeted by clients.

Thanks you for helping me

Everyone's tags (3)

DNS Doctoring - network range

Hi Bro

This is not possible. Let me explain why.

Firstly, it should be static (inside,dmz) not the other way around, unless of course you're doing a 2-way NAT which is not your case.

The statement static (inside,dmz) netmask means you're doing IP TRANSLATION, which is not what you're doing either.

The only reason you use DNS Doctoring, is so that LAN users are able to see the internal web servers as a private address (the real address) when the DNS client is on LAN.

P/S: if you think this comment is useful, please do rate them nicely :-)

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department
CreatePlease login to create content