Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

shouldnt i be able to? alias

ive added an alias command on my pix and now i can only access the dns server via public ip 67.x.x.x - if alias is another name for something why cant i access the dns server by it's internal ip also 10.10.5.x?

i have to have two rdp connections for the same dns server - if i come in via vpn i have to use 10.10.5.x but if im inside i have to use 67.x.x.x - the server guys are complaining.

ideas?

thanks - Jerry

2 REPLIES
Silver

Re: shouldnt i be able to? alias

Try this example. Replace with your IP address

static (dmz,inside) translated_IP real_ip dns

ip address inside 10.1.1.1 255.255.255.0

ip address dmz 172.16.1.1 255.255.255.0

static (dmz,outside) x.x.x.x 172.16.1.5 netmask 255.255.255.255

static (dmz,inside) x.x.x.x 172.16.1.5 netmask 255.255.255.255 dns

For more info about alias Command for the Cisco Secure PIX Firewall

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aee.shtml

New Member

Re: shouldnt i be able to? alias

after i read your reply this morning i was able to ping the internal ip in the dmz - 10.10.5.36 from inside 172.16.1.x with out any changes but as fast as it worked it stopped working again. i have this:

static (DMZ1,outside) 67.13.3.x 10.10.5.36 netmask 255.255.255.255

then i added this:

static (DMZ1,inside) 67.13.3.x 10.10.5.36 netmask 255.255.255.255

cleared xlate and i still couldnt ping it.

im stumped - Jerry

89
Views
0
Helpful
2
Replies