Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Inside-Outside-Inside Routing

We have a server in our DMZ called "Sue". Our wireless clients' DHCP scope has a private inside address, but a single DNS entry for a server on the outside.

The outside DNS server has a record for "Sue"'s public address. So when an inside wireless client resolves "Sue" it translates to the public address, and when the the inside client tries to access it using that address, it is blocked.

Does this sound right?

Why is that?

Does this make sense?

1 REPLY
Cisco Employee

Re: Inside-Outside-Inside Routing

Hi,

We call this dns doctoring ( resolving the above issue ).

Through this,basically when inside client tries to access SUE,the ip address which external dns server sends back is public but ASA convert it to private ip of SUE.

you would have a static command in ASA/PIX

static (dmz,outside) < private ip of sue>

Remove this static and add :

static (dmz,outside) < private ip of sue> DNS

For further reading,just search dns doctoring on cisco.

There is one more way,

static (dmz,inside) < private ip of sue>

through this,when inside comp. would receive public ip of SUE,then the above static command would send it to actual ip of SUE is dmz.

Please rate if helps.

Regards,

Sushil

148
Views
0
Helpful
1
Replies