
dns rewrite

I'm not sure this is the best location for this question but I didn't find a better one.

One of our customers wants to be able to use VPN to the local firewall from their guest network. If they connect with the VPN client to the IP address of the guest network interface it's not a problem, so I know that part works. They also have the requirement that you should do it with the same DNS record from the outside as well as the inside (guest network in this case). So this is the current setup:

 

IP of outside interface on FW is 4.4.4.4 which is translated to vpn.cust.com

IP of guest interface on FW is 192.168.0.1 which doesn't have a translation.

A public DNS server is used to translate vpn.cust.com for the guest user.

 

So what I want is for the DNS request of a guest user, which would receive 4.4.4.4 as a translation of vpn.cust.com, to be rewritten with 192.168.0.1.

I've read a few docs about this and my problem always boils down to the fact that I'm not allowed to do a rewrite of the outside interface (4.4.4.4); it conflicts with something. So am I screwed or can this be accomplished in any other way?

 

Thanks in advance for any questions and suggestions.

Br

//Peter
