07-29-2016 05:54 AM - edited 03-12-2019 01:04 AM
Hi
I have an ASA 5505 with software 9.2.4. I have one computer and its IP address is 192.168.1.200, and I have an internal domain controller with address 192.168.0.25.
I want this PC to be able to do name resolution using this internal controller.
So I have created an access list that states source is 192.168.1.200, destination is 192.168.0.25 and service is tcp/udp domain. This PC is in the DMZ zone and the domain controller is on the inside interface.
So I created an access list to allow that traffic. But it didn't work.
But after I replaced the tcp/udp-domain service with ip, it started working.
But I know this is not the right way to do it, since now all ports are open, which I don't want.
Is there any way to configure DNS access from DMZ to inside to do DNS name resolution?
I would use ASDM.
08-02-2016 12:42 PM
Hi,
Could you please show how the ACLs are built?
08-03-2016 07:50 AM
Hi
I am all good now. Out of the box, the ASA 5505 has everything configured for internet access and access to the lower security interface. But once I configured the first access list, everything stopped working.
Once I created proper access lists, everything is in business now: DNS, file share, internet, etc.
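
An ACL set of the kind the thread describes, as an added example that is not taken from any poster's configuration: it permits only DNS from the DMZ host to the domain controller, blocks everything else toward inside, and restores the outbound access that the implicit deny removes once an ACL is applied to the interface. The interface names `dmz` and `inside`, the ACL name `dmz_access_in`, the object-group name and the 192.168.0.0/24 inside subnet are assumptions.

```cisco
! Added example. Names and the inside subnet mask are assumptions.
! Group TCP and UDP so one ACE covers both DNS transports.
object-group protocol TCPUDP
 protocol-object udp
 protocol-object tcp
!
! 1. DMZ host -> domain controller, port 53 only (tcp and udp).
access-list dmz_access_in extended permit object-group TCPUDP host 192.168.1.200 host 192.168.0.25 eq domain
!
! 2. Nothing else from the DMZ may reach the inside subnet.
!    This must come before the general permit below.
access-list dmz_access_in extended deny ip any 192.168.0.0 255.255.255.0
!
! 3. Everything else (internet via the lower-security interface) is
!    allowed again. Without this line the implicit deny at the end of
!    the ACL drops all other DMZ traffic as soon as the ACL is applied.
access-list dmz_access_in extended permit ip any any
!
! Apply inbound on the DMZ interface.
access-group dmz_access_in in interface dmz
!
! Verification from privileged EXEC (source port 12345 is arbitrary):
!   DNS to the domain controller should be allowed
!     packet-tracer input dmz udp 192.168.1.200 12345 192.168.0.25 53
!   any other port toward inside should be dropped by the ACL
!     packet-tracer input dmz tcp 192.168.1.200 12345 192.168.0.25 445
!   hit counters per ACE
!     show access-list dmz_access_in
```

The same rules can be entered in ASDM as three access rules on the DMZ interface in this order; if other DMZ services (such as the file share mentioned above) need to reach inside hosts, each needs its own permit placed above the deny.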