Hello All,
We have an internal DNS server that all internal hosts do lookups to .. these requests are forwarded onto opendns for anything the dns server isnt authorative for.. My question is we have purchased the botnet filter and this requires the asa5505 dns client to be active on at least one interface .. Should i point the asa dns to an external IP such as 8.8.8.8 and apply DNS enabled on interface outside ( am using asdm)
I dont want the ASA to control DNS for our internal clients we already have a internal server for this, i DO want the asa5505 to check dns packets against its botnet filter, whilst still using open dns for forwarding ... how can one do this ?
TIA