03-21-2004 02:03 PM - edited 02-20-2020 11:18 PM
The ISP I have uses PPPOE and assigns external dynamic IP addresses that will eventually change.
1. Will Dynamic DNS services (e.g. dns2go, tzo.com) work with the PIX and
2. If so what configuration is needed in the console.
Also, what rules are needed to allow PCAnywhere with a dynamic "outside" address"
03-23-2004 11:15 AM
Hi,
From the Dynamic DNS services perspective Why would it matter if you are using a PIX or a Host, getting dynamic IPs.Since PIX will be holding the IP address for NAT/PAT and you will be using that address to out to the internet from your PC (where you are running dns2go). I think it should work.
From the PIX side, there is nothing configurable to support DNS2go.
the rules for PCAnywhere or any other inbound traffic should be
access-list 100 permit tcp any interface outside eq 5631
access-list 100 permit udp any interface outside eq 5632
check out this page for ports being used by PCanywhere
03-24-2004 07:42 PM
I actually use dyndns.org with one of the clients listed running on a host on the inside LAN. When the client detects that the outside IP address has changed, it connects to the dyndns.org servers and changes the IP address to the new one. There is no access-list needed as communication originates from the inside which is already permitted by default.
To remote control inside hosts while sitting at an Internet host, I use a VPN. Therefore, no need for outside access-lists.
03-24-2004 10:09 PM
Hi,
I am not sure how would it work, since when IP addresses changes on the PIX, how would it notify the host about the change? How would a host on the inside know that the IP on the PIX has now changed?
Can some one else share some thoughts here.
Thanks
Nadeem
03-24-2004 10:17 PM
i could not find any feature enhancement the upcoming release as well. You would need to consider some alternate.
e.g.
try
Thanks
Nadeem
03-25-2004 04:22 AM
See this list of clients, when one of those is installed on a host on the inside, it will detect the outside interface IP address:
http://www.dyndns.org/services/custom/clients.html
I use DirectUpdate and it works great. Of course you need to configure it to contact your dyndns servers and authenticate so it can change the A record(s).
03-25-2004 04:54 AM
Thanks for the info!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide