Pix and problems with internal DNS configuration (W2K AD Integrated DNS)
I have set up a Pix firewall and believe the problems to be with the internal DNS configuration and not the Pix.
I have been assigned a range of external IP addresses, for the following services:
17 - BT router
18 - External Wan - fixed wan
19 - SMTP - virtual static mapping
20 - OWA - Virtual static mapping
21 - FTP - virtual static mapping
22 - global address - and resolves on shields up
I have configured the firewall with access-lists and also static mappings for those addresses which I call virtual above.
I have 3 servers which provide the following services (all W2K servers)
192.168.1.1 - gateway - pix internal
192.168.1.2 - root domain controller, DNS, Wins
192.168.1.3 - domain controller, Exchange server 2k & OWA
192.168.1.7 - ftp server
There seems to be a problem with the Internal Active Directory integrated DNS server configuration, this is what I can or cannot do:
- to get www, I type in the gateway above and have no proxy settings in the internet options. I have to type in the local workstations DNS settings on the nic, an external dns server. I have setup forwarders on the internal DNS server (in the properties of the server container) I actually typed in a variety of external dns server ip addresses.
why can't I leave the primary and secondary dns ip addresses as the two internal dns servers, why do I have to insert an external ip dns server here.
- I am getting no resolution from external to internal to these:
ip address 19 assigned to the SMTP
IP address 20 assigned to OWA
ip address 21 assigned to ftp
- I have opened the firewall to ping in and out
- telnetting should be allowed also by default.
- everything I try is not resolved or unreachable
Does anybody know what needs doing on W2k internal DNS or perhaps I should be looking at something else.
I am not very good at DNS, so please explain exactly how to do the configuration...
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :