Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
617
Views
0
Helpful
1
Replies

DNS server in the DMZ

octroncisco
Level 1
Level 1

‎03-02-2010 02:38 AM - edited ‎03-11-2019 10:16 AM

Hello,

We have a PIX firewall and We are thinking to move our external DNS server to our DMZ. We're using DNS Doctoring:

static (dmz,outside) DMZ_server1_public_IP DMZ_server1_private_IP netmask 255.255.255.255 dns

static (dmz,outside) DMZ_server2_public_IP DMZ_server2_private_IP netmask 255.255.255.255 dns

If I specify our DMZ hosts private IP address to the DMZ DNS server, It will work fine when an external user try to resolve a DNS name. For example, if an external user try to resolve our server1 DNS name, He will get the correct public IP address or He will get the private IP address specified in the DNS server?

Best Regards,

Labels:
0 Helpful
1 Reply 1

chris.cumbaa
Level 1
Level 1

‎03-15-2010 08:21 AM

This is more a DNS question than a firewall question.  The querying device would receive whatever IP address you have configured in the zone file.  If you have your private IPs configured, that's what it would get in response.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card