We recently installed an ASA 5510 with an inside and DMZ network. There is a Windows SMTP server on the inside, and multiple Windows 2000 Servers on the DMZ side.
DNS Doctoring is set up and working on both sides, DNS servers are on the Internet.
The DMZ servers can no longer send email destined to the SMTP server on the inside network. The problem is the DNS MX reply returns the public IP, not the proper private IP. However, the DNS MX record resolves fine for that server on the inside network with an NSLookup, and all other traffic.
After a lot of head banging, I found that DNS translation works over UDP, but if I force NSLookup to use DNS over TCP, the translation doesn't happen. The SMTP DNS request is being sent over TCP for some reason, which I haven't been able to affect. I have turned off the maximum 512 byte DNS limitation, but that still didn't allow the UDP version to go through.
Does anyone know how to force the DNS translation to happen when the computer resorts to DNS over TCP?
I can post the relevant config if it will help.
I'll appreciate any help or suggestions anyone can provide. - Thanks!
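
The UDP/TCP difference described in the post can be checked at the packet level. The following is an added example, not part of the original post: it encodes a DNS query, applies the 2-byte length prefix that DNS over TCP uses, and lists answer addresses that were not rewritten to the inside network. The hostname, both addresses and the replies are constructed sample values, not captured traffic.

```python
import ipaddress
import struct

def build_query(name, txid=0x1234, qtype=1):
    """Standard recursive DNS query for `name`; qtype 1 = A."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def tcp_frame(msg):
    """DNS over TCP prefixes each message with a 2-byte length (RFC 1035, 4.2.2)."""
    return struct.pack("!H", len(msg)) + msg

def tcp_unframe(stream):
    (length,) = struct.unpack_from("!H", stream)
    return stream[2:2 + length]

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) name."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)  # pointer is 2 bytes, root label is 1

def a_records(msg):
    """Return the IPv4 addresses found in the answer section."""
    _, _, qd, an, _, _ = struct.unpack_from("!HHHHHH", msg)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # skip QTYPE + QCLASS
    out = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        if rtype == 1 and rdlen == 4:
            out.append(str(ipaddress.IPv4Address(msg[off:off + 4])))
        off += rdlen
    return out

def fake_answer(query, ip):
    """Constructed sample reply: echoes the question and adds one A record."""
    hdr = struct.pack("!HHHHHH", struct.unpack_from("!H", query)[0], 0x8180, 1, 1, 0, 0)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + ipaddress.IPv4Address(ip).packed
    return hdr + query[12:] + rr

def undoctored(answers, inside_net):
    """Answer addresses outside the inside network, i.e. not rewritten."""
    net = ipaddress.ip_network(inside_net)
    return [a for a in answers if ipaddress.ip_address(a) not in net]
```

Against a live resolver, the same query bytes would be sent once in a UDP datagram and once through `tcp_frame` on a TCP connection, and `undoctored` run on both replies.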