cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
441
Views
0
Helpful
2
Replies

DNS fixup not working on PIX 501 6.3

info
Level 1
Level 1

Hi all,

I am running a PIX 501 FW and everything is fine except for one thing. We have a DNS server on the inside and according to the docs the dns fixup setting shold translate A records automatically so they have "outside" IP adresses when viewed from the outside although they are actually configured on the DNS server with "inside" IP's.

However it doesn't work. If I eg. query the DNS server for ns.my.com it returns 10.195.0.1 and not x.x.x.x as I would have expected.

Is my configuration wrong or doesn't that work at all?

Excerpt of config:

fixup protocol dns maximum-length 2048

static (inside,outside) x.x.x.x 10.195.0.1 netmask 255.255.255.255 0 0

1 Accepted Solution

Accepted Solutions

nkhawaja
Cisco Employee
Cisco Employee

Hi,

i dont think this is what dns fixup is for.

try this

static (inside,outside) x.x.x.x 10.195.0.1 netmask 255.255.255.255 dns

View solution in original post

2 Replies 2

nkhawaja
Cisco Employee
Cisco Employee

Hi,

i dont think this is what dns fixup is for.

try this

static (inside,outside) x.x.x.x 10.195.0.1 netmask 255.255.255.255 dns

Ah yes, that was exactly what was needed. I thought I had read the docs, but not enough apparently - I had missed the "dns" option on static.

Thank you very much!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: