Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

alias command on PIX (cont'd)

Ok, so the alias command was working for about 40 minutes, now it doesn't work anymore. I haven't made any changes.

Now when I ping the FQDN, it times out, and when I try to access the site via browser using FQDN, I get a DNS error. Rebooting the PC and reloading the PIX worked once, but not anymore.

Anyone seen this before?

11 REPLIES
Silver

Re: alias command on PIX (cont'd)

If nothing has changed then it is a wonder why alias command is not working. Would you please confirm with nslookup, what and where is your default DNS server? and what IP address is it giving you for that FQDN.

Thanks

Nadeem

Community Member

Re: alias command on PIX (cont'd)

My DNS server is outside my LAN on our ISP's LAN.

When I ping http://www.mysite.net, it will sometimes return with the internal IP address. Now, sometimes it works, sometimes it doesn't. Here's an example of it worked for the first ping and then not for each sucessive ping:

C:\>ping http://www.mysite.net

Pinging mysite.net [192.168.1.10] with 32 bytes of data:

Reply from 192.168.1.10: bytes=32 time<1ms TTL=128

Request timed out.

Request timed out.

Request timed out.

Ping statistics for 192.168.1.10:

Packets: Sent = 4, Received = 1, Lost = 3 (75% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

The server is up and running fine. I get a couple of connections a day, hardly enough to choke it.

Just now, I was able to navigate the site just fine with my browser using the FQDN. Here's my ping results:

C:\>ping www.mysite.net

Pinging mysite.net [192.168.1.10] with 32 bytes of data:

Reply from 192.168.1.10: bytes=32 time<1ms TTL=128

Reply from 192.168.1.10: bytes=32 time<1ms TTL=128

Reply from 192.168.1.10: bytes=32 time<1ms TTL=128

Reply from 192.168.1.10: bytes=32 time<1ms TTL=128

It's like it works a couple of times and then stops. What's up with that?

Silver

Re: alias command on PIX (cont'd)

We need to first segregate it from alias issue.

Can u try to do this test with nslookup. and try to find out the result of www.mysite.net. If it always gives you the private IP address, then it is something else we are facing.

Community Member

Re: alias command on PIX (cont'd)

Here is the nslookup results:

C:\>nslookup http://www.mysite.net

Server: hudson.concentric.net

Address: 207.155.183.72

Non-authoritative answer:

Name: mysite.net

Address: 192.168.1.10

Aliases: http://www.mysite.net

PS: my domain name isn't really mysite.net. By segregate from the alias issue, does this mean the alias is working and it's something else?

Community Member

Re: alias command on PIX (cont'd)

I tried using the [DNS] option in the static command (via PDM)like this:

static (inside,outside) tcp interface www 192.168.1.10 www dns

But that didn't work. I think I'm using the command wrong. I can't find a link on CCO that explains the [DNS] option very well. LMK if you know one.

thanks!

Silver

Re: alias command on PIX (cont'd)

Hi,

If nslookup is giving you the same address every time, then alias is working as it is suppose to.

We need to check other things.

Thanks

Nadeem

Community Member

Re: alias command on PIX (cont'd)

Ok, what other things?

Silver

Re: alias command on PIX (cont'd)

Is it only happening with this server? Ping by FQDN give intermittent problems? Ping by IP always works?

Thanks

Nadeem

Community Member

Re: alias command on PIX (cont'd)

Yes. Pinging by FQDN usually works (and shows translation to internal IP), but sometimes doesn't.

Ping by internal IP always works. At least I can't remember a time when it didn't work. Ping via internal IP works even when ping by FQDN doesn't work.

Thanks for hanging in there, Nadeem!

Silver

Re: alias command on PIX (cont'd)

Ok, so ocassionaly ping by FQDN doesnot work, but at the same time you said that nslookup always gives out private IP address. These two are conflicting information. And we still can't conclude that alias is malfunctioning. In case this is an alias issue then all I can say is that this is a bug in the code. Try running a different code.

Thanks

Nadeem

Community Member

Re: alias command on PIX (cont'd)

Ok, maybe my PIX is buggy. This should work, huh? I'll try to download a new copy of the OS. Thanks for your help.

131
Views
5
Helpful
11
Replies
CreatePlease to create content