Cisco Support Community
Community Member

Problem with DNS server behind a 837 router with NAT

Dear,

We have an HTTP, FTP, SMTP and a DNS server set up behind a 837 router with NAT enabled. Everything except the DNS server is working OK. The configuration is in the attachment.

If I change the NAT for port 53 to port 5353 local (and reconfigure the DNS server to listen on port 5353), the DNS server is working fine, except if the computer sending the query uses port 53 UDP (and the answer has to be sent back to port 53 UDP). The answer does not get through the router.

Any ideas?

2 REPLIES
Anonymous
N/A

Re: Problem with DNS server behind a 837 router with NAT

The issue may be that the return data is not passing through the NAT. If the firewall is not configured to allow the return, then the data will not pass through it. Check the configuration of the firewall.

Community Member

Re: Problem with DNS server behind a 837 router with NAT

Thanks for your response, but no, that is not the problem.

I solved the problem yesterday.

There has to be a 1-1 NAT rule in the configuration:

ip nat inside source static 192.168.0.253 213.49.131.61

Only forwarding port 53 UDP and TCP doesn't work.

AND

The DNS server must be configured to supply A records with the local IP address, not the global IP address, otherwise the DNS response does not pass through the router!!! (surprise, surprise) The router translates the IP addresses inside the DNS responses.

It took a long time to find this out, but now everything works OK.
