Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Firewalls Community


dns rewrite

I'm not sure this is the best location for this question but I didn't find a better one.

One of our customers want to be able to use VPN to the local firewall from their guest network, if they connect with the vpn client to the ip address of the guestnetwork interface it's not a problem so I know that part works. They also have the requirement that you should do it with the same dns record from the outside as well as the inside (guest network in this case). So this is the current setup


Ip of outside interface on FW is which is translated to

Ip of guest interface on FW is which doesn't have a translation.

A public dns server is used to translate for the guest user.


So what I want is for the dns request of a guest user which would recieve as a translation of to be rewritten with

I've read a few docs about this and my problem always boils down to the fact that I'm not allowed to do a rewrite of the outside interface (, it conflicts with something. So am I screwed or can this be acomplished in any other way?


Thanks in advance for any question and suggestion.



Everyone's tags (5)
CreatePlease to create content
Content for Community-Ad
FusionCharts will render here