We have a little problem with using alias command. The DNS packet come back with udp error after we apply alias. Although I checked that the packet IP has been changed to what we want. The most wonderful stuff is some of the domain name works. But most of the domain name reply contain error.
By the way, really thanks for that TAC engineer suggest to use fixup protocol before. But now the problem is our version is not 6.x and up. We can't use fixup protocol dns and sysopt noproxarp is not show up in mem neither.
Is that any solution to fix this problem instead of upgrading?
I found Resolved Caveats at 6.x
CSCds14773 Checksum error when alias command is activated. Is it related?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...