Cisco Support Community
Community Member

PIX firewall and DNS

I am implementing a PIX firewall and I am trying to move my DNS servers over to the PIX. When I create the static NAT mapping on the PIX and move it over, DNS resolution stops on the server. I can ping IP addresses on the internet and I can ping the IP addresses of Sprint's DNS server, which is my ISP. This DNS server is used for external DNS for some of our customer's websites.

In a nutshell, DNS resolution is not working once I have the server going through the PIX. On other servers, I can send them through the PIX, but I have to put the internet address of the DNS server on them for them to work, but if I put both DNS servers through the PIX nothing works.

Thanks for any help.

Community Member

Re: PIX firewall and DNS

Make sure the PIX is not doing a PAT on the DNS request going out from the PIX. I believe it does, so you will need to create a rule on the PIX to exclude the DNS requests from being PAT.
