Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
194
Views
0
Helpful
1
Replies

Cisco ASA 5500 device DNS server failover settings

Go to solution
seansobey
Level 1
Level 1

‎09-15-2015 08:27 AM - edited ‎03-11-2019 11:36 PM

This morning my site had our primary DNS go down, we have 3 DNS servers in the DNS settings tab on all our nics, we have 5 subnets associated to our site. Now when our primary DNS went down we here at our main site were still able to resolve both internal and external, however one subnet range was isolated no internal or external. This subnet range gets there DHCP and DNS Server settings from a Cisco ASA 5500 device series.

No workstations were rebooted at this time, all workstations getting these same settings via Microsoft failed over to the second DNS server in the list.

My question is this, why didn't the cisco ASA 5500 series device move down to the second DNS server and as such restore access? Is it suppose to dynamically go down the list if the primary went down? If I need to to re-write the cli statement then how would I need to state it?

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Vibhor Amrodia
Cisco Employee
Cisco Employee

‎09-17-2015 04:16 AM

Hi,

So , which DNS settings are you referring to ? The DNS being pushed using the ASA DHCP server ?

If yes , the DNS reachability is not checked by the ASA device but by the PC.

ASA only uses DNS when it has to lookup the Domain Name for it;s own use. For ex:- FQDN acl etc.

If the Primary DNS does not work , it automatically moves to the next one.

Thanks and Regards,

Vibhor Amrodia

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Vibhor Amrodia
Cisco Employee
Cisco Employee

‎09-17-2015 04:16 AM

Hi,

So , which DNS settings are you referring to ? The DNS being pushed using the ASA DHCP server ?

If yes , the DNS reachability is not checked by the ASA device but by the PC.

ASA only uses DNS when it has to lookup the Domain Name for it;s own use. For ex:- FQDN acl etc.

If the Primary DNS does not work , it automatically moves to the next one.

Thanks and Regards,

Vibhor Amrodia

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card