Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT Problems with Cisco ASA 5501

Hi all,

I recently configured a cisco ASA 5500 firewall with PAT & basic filters. Everything is ok other than DNS. I dont have any internal DNS servers I am using my ISPs DNS servers for name resolutions. In the nslookup utility of a client computer all the URLs are getting resolves perfectly. But I type the same URL in the browser it's not working. But if I type the IP address of the same URL in the browser it works perfectly. Wonder why this happen. Is this something to do with maximum DNS packet size or something else. Please let me know.

Thanks in advance

Sara

Here I am attaching the sh run output and the syslog messages

1 REPLY
Cisco Employee

Re: NAT Problems with Cisco ASA 5501

hi,

from where are u initiating the request.from inside or from management?

it seems that there's some issue with routes here.

route inside 172.16.0.0 255.255.0.0 172.16.40.2 1

this means 172.16.0.0/16 lies on inside

ip address 172.16.1.50 255.255.255.0 :

the ip address which you have assisgned to management interface and the dhcp client ip's which you have defined on the management interface,they are in the same network as inside network.

please change the ip address of management interface so that it does not lie with in 172.16.0.0/16 and please change the dhcp client range defined on the management interface too.

i am not sure how this could be related to your issue but this is obviously misconfiguration.

hth

Sushil

496
Views
0
Helpful
1
Replies