Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
337
Views
0
Helpful
6
Replies

PIX 501 Dynamic DNS Services

sjkeehan
Level 1
Level 1

‎03-21-2004 02:03 PM - edited ‎02-20-2020 11:18 PM

The ISP I have uses PPPOE and assigns external dynamic IP addresses that will eventually change.

1. Will Dynamic DNS services (e.g. dns2go, tzo.com) work with the PIX and

2. If so what configuration is needed in the console.

Also, what rules are needed to allow PCAnywhere with a dynamic "outside" address"

0 Helpful
6 Replies 6

nkhawaja
Cisco Employee
Cisco Employee

‎03-23-2004 11:15 AM

Hi,

From the Dynamic DNS services perspective Why would it matter if you are using a PIX or a Host, getting dynamic IPs.Since PIX will be holding the IP address for NAT/PAT and you will be using that address to out to the internet from your PC (where you are running dns2go). I think it should work.

From the PIX side, there is nothing configurable to support DNS2go.

the rules for PCAnywhere or any other inbound traffic should be

access-list 100 permit tcp any interface outside eq 5631

access-list 100 permit udp any interface outside eq 5632

check out this page for ports being used by PCanywhere

http://www.nthelp.com/NT6/pcanywhere_ip_port_usage.htm

0 Helpful

plemieux72
Level 1
Level 1

‎03-24-2004 07:42 PM

I actually use dyndns.org with one of the clients listed running on a host on the inside LAN. When the client detects that the outside IP address has changed, it connects to the dyndns.org servers and changes the IP address to the new one. There is no access-list needed as communication originates from the inside which is already permitted by default.

To remote control inside hosts while sitting at an Internet host, I use a VPN. Therefore, no need for outside access-lists.

0 Helpful

nkhawaja
Cisco Employee
Cisco Employee
In response to plemieux72

‎03-24-2004 10:09 PM

Hi,

I am not sure how would it work, since when IP addresses changes on the PIX, how would it notify the host about the change? How would a host on the inside know that the IP on the PIX has now changed?

Can some one else share some thoughts here.

Thanks

Nadeem

0 Helpful

nkhawaja
Cisco Employee
Cisco Employee
In response to nkhawaja

‎03-24-2004 10:17 PM

i could not find any feature enhancement the upcoming release as well. You would need to consider some alternate.

e.g.

try

www.directupdate.net

Thanks

Nadeem

0 Helpful

plemieux72
Level 1
Level 1
In response to nkhawaja

‎03-25-2004 04:22 AM

See this list of clients, when one of those is installed on a host on the inside, it will detect the outside interface IP address:

http://www.dyndns.org/services/custom/clients.html

I use DirectUpdate and it works great. Of course you need to configure it to contact your dyndns servers and authenticate so it can change the A record(s).

0 Helpful

sjkeehan
Level 1
Level 1
In response to plemieux72

‎03-25-2004 04:54 AM

Thanks for the info!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card