Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

dns on asa

hello,

is it possible to just configure a dns server on asa and just use hostnames to the rest of the configuration?

if yes, how? sorry i cant find any docs.

5 REPLIES

Re: dns on asa

Hi Celso,

If you simply want to refer to hostnames within your configuration rather than IP addresses, you can use the 'name' command. So, your configuration could look something like this (taken from the ASA command reference):

hostname(config)# names

hostname(config)# name 192.168.42.3 sa_inside

hostname(config)# name 209.165.201.3 sa_outside

hostname(config-if)# ip address inside sa_inside 255.255.255.0

hostname(config-if)# ip address outside sa_outside 255.255.255.224

Also, here is a link to that command reference:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/no.html#wp1747000

Hope that helps.

-Mike

Community Member

Re: dns on asa

thx but what am asking is if theres a way to add a dns ip and the asa will do a lookup there for name resolution rather than doing all this harcoded names on asa?

Community Member

Re: dns on asa

i had to create hundreds of names and groups manually on the firewall to simplify my configuration.

this is a good question, hope someone can clarify this.

Re: dns on asa

Unfortunately, this is not possible. You must use either an IP address or a name (configured with the 'name' command mentioned above) in the firewall's configuration. You can also use object-groups to condense ACLs, but again this all must be manually entered at least once into the firewall's configuration.

-Mike

Community Member

Re: dns on asa

so it seems it is not possible at all...thx a lot gents

179
Views
7
Helpful
5
Replies
CreatePlease to create content