New Member

Thousands of DNS connections in PIX 515e

We're having intermittent problems getting to the Internet through our PIX 515e. I issued the "show conn" command and there are thousands and thousands of DNS connections for our internal DNS server with multiple Internet IPs. Should this be the case? Do I need to allow DNS inbound into our network, or do I just need to allow it outbound?

3 REPLIES
Gold

Re: Thousands of DNS connections in PIX 515e

If that DNS server is also responsible for your public address space and name resolution, then you need to allow it inbound; otherwise, definitely not. It sounds like the public is using it as their own DNS server.
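
One way to check which direction those connections run, as an added example that is not part of the thread: the script below counts, for one internal DNS server, connections where Internet hosts reach its port 53 versus lookups it makes outward. The `show conn` line layout in the regex is an assumption about PIX output, and the sample lines and addresses are constructed.

```python
import re
from collections import Counter

# Assumed PIX-style "show conn" line layout (not taken from the thread):
#   UDP out <foreign_ip>:<port> in <local_ip>:<port> idle <h:mm:ss> flags <f>
CONN_RE = re.compile(
    r"^(?:TCP|UDP)\s+out\s+(?P<out_ip>[\d.]+):(?P<out_port>\d+)\s+"
    r"in\s+(?P<in_ip>[\d.]+):(?P<in_port>\d+)\b"
)

# Constructed sample using documentation address ranges.
SAMPLE = """\
6 in use, 55012 most used
UDP out 198.51.100.7:41822 in 10.1.1.53:53 idle 0:00:03 flags -
UDP out 198.51.100.7:41823 in 10.1.1.53:53 idle 0:00:03 flags -
UDP out 203.0.113.90:5301 in 10.1.1.53:53 idle 0:00:11 flags -
UDP out 192.0.2.1:53 in 10.1.1.53:32771 idle 0:00:01 flags -
TCP out 192.0.2.80:80 in 10.1.1.20:1045 idle 0:00:22 flags UIO
UDP out 192.0.2.1:53 in 10.1.1.20:1050 idle 0:00:02 flags -
"""


def classify_dns(show_conn_text, dns_server):
    """Return (inbound, outbound) for the given internal DNS server.

    inbound  -- Counter of foreign IP -> connections hitting the server's
                port 53 (Internet hosts using it as their resolver).
    outbound -- number of connections where the server queries a foreign
                port 53 (its own normal lookups).
    """
    inbound = Counter()
    outbound = 0
    for line in show_conn_text.splitlines():
        m = CONN_RE.match(line.strip())
        if not m or m["in_ip"] != dns_server:
            continue  # header line, or a connection for another host
        if m["in_port"] == "53":
            # Port 53 on both sides is ambiguous; count it here for review.
            inbound[m["out_ip"]] += 1
        elif m["out_port"] == "53":
            outbound += 1
    return inbound, outbound


if __name__ == "__main__":
    inbound, outbound = classify_dns(SAMPLE, "10.1.1.53")
    print(f"inbound to port 53: {sum(inbound.values())}, outbound: {outbound}")
    for ip, count in inbound.most_common(10):
        print(f"  {ip}: {count}")
```

A large inbound count on a server that is not authoritative for any public zone matches the situation described in the reply above.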

New Member

Re: Thousands of DNS connections in PIX 515e

Yes, thank you! I had 55,000 connections for my internal DNS server! As soon as I blocked it, all is well! Thanks.

New Member

Re: Thousands of DNS connections in PIX 515e

Can you go into more detail about your DNS problem? We are also having DNS issues when thousands of DNS translations "clogged" the PIX, and only "clear xlate" solves the issue.

tx
