Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 501 Dynamic DNS Services

The ISP I have uses PPPOE and assigns external dynamic IP addresses that will eventually change.

1. Will Dynamic DNS services (e.g. dns2go, tzo.com) work with the PIX and

2. If so what configuration is needed in the console.

Also, what rules are needed to allow PCAnywhere with a dynamic "outside" address"

6 REPLIES
Cisco Employee

Re: PIX 501 Dynamic DNS Services

Hi,

From the Dynamic DNS services perspective Why would it matter if you are using a PIX or a Host, getting dynamic IPs.Since PIX will be holding the IP address for NAT/PAT and you will be using that address to out to the internet from your PC (where you are running dns2go). I think it should work.

From the PIX side, there is nothing configurable to support DNS2go.

the rules for PCAnywhere or any other inbound traffic should be

access-list 100 permit tcp any interface outside eq 5631

access-list 100 permit udp any interface outside eq 5632

check out this page for ports being used by PCanywhere

http://www.nthelp.com/NT6/pcanywhere_ip_port_usage.htm

New Member

Re: PIX 501 Dynamic DNS Services

I actually use dyndns.org with one of the clients listed running on a host on the inside LAN. When the client detects that the outside IP address has changed, it connects to the dyndns.org servers and changes the IP address to the new one. There is no access-list needed as communication originates from the inside which is already permitted by default.

To remote control inside hosts while sitting at an Internet host, I use a VPN. Therefore, no need for outside access-lists.

Cisco Employee

Re: PIX 501 Dynamic DNS Services

Hi,

I am not sure how would it work, since when IP addresses changes on the PIX, how would it notify the host about the change? How would a host on the inside know that the IP on the PIX has now changed?

Can some one else share some thoughts here.

Thanks

Nadeem

Cisco Employee

Re: PIX 501 Dynamic DNS Services

i could not find any feature enhancement the upcoming release as well. You would need to consider some alternate.

e.g.

try

www.directupdate.net

Thanks

Nadeem

New Member

Re: PIX 501 Dynamic DNS Services

See this list of clients, when one of those is installed on a host on the inside, it will detect the outside interface IP address:

http://www.dyndns.org/services/custom/clients.html

I use DirectUpdate and it works great. Of course you need to configure it to contact your dyndns servers and authenticate so it can change the A record(s).

New Member

Re: PIX 501 Dynamic DNS Services

Thanks for the info!

141
Views
0
Helpful
6
Replies
CreatePlease login to create content