Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX DMZ address resolution

My external DNS servers are on a PIX DMZ interface and they support multiple Web and Application servers on the same phyical subnet. When one of these servers attempts to access a site ON THE SAME PHYSICAL SUBNET, the DNS query resolves to an external address and the connection fails.

I have an ALIAS statement but this does not work in this instance becuase the lookup does not go through the PIX. If I use NSLOOKUP and attach to a DNS server on the outside of the PIX, the ALIAS commands takes over and things work properly.

I suppose I could make these servers use someone elses DNS (external to the PIX), but I'd rather use my external DNS servers.

Any ideas?

1 REPLY
Silver

Re: PIX DMZ address resolution

The workaround is to reverse the alias addresses. See these docs for help. http://www.cisco.com/warp/public/110/pixfaq.shtml#Q15 and http://www.cisco.com/warp/public/110/alias.html

85
Views
0
Helpful
1
Replies