Active directory access through PIX

sanjay.sangwan
Level 1

Hi,

Windows 2000 server (inside) : PIX : client (outside)

I am trying to log in to an Active Directory server from a Windows client. I have opened all the necessary ports and mapped a global IP address to the inside server. The server is also acting as a DNS. Now when my client from outside is sending a DNS request, the DNS is replying with an inside local address of the server rather than the outside global. What should I do?

Sanjay

1 Reply

ROBERTO TACCON
Level 4

Which version of PIX do you have?

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/df.htm#wp1067379

If the DNS fixup is disabled, the A-record is not NATed and the DNS ID is not matched in requests and responses. By disabling the DNS fixup, the maximum length check on UDP DNS packets can be bypassed and packets greater than the maximum length configured will be permitted.

The PIX Firewall drops DNS packets sent to UDP port 53 that are larger than the configured maximum length. The default value is 512 bytes. A syslog message will be generated when a DNS packet is dropped.
