
DNS and ASA 5510

london.ism
Level 1

Hi guys

I have a question on DNS and ASA.

Does anyone know of any issues with ASA 5510 firewalls not forwarding or blocking DNS packets? Could this be related to a software upgrade from an earlier version to 7.2(4)?

I turned dns inspection and dns-guard off, still not happening.

Many thanks

Elena

1 Reply

Kureli Sankar
Cisco Employee

What do you see in the logs when it (dns: udp 53) fails?

Is this traffic allowed by the acl applied on the ingress interface?

Please enable logging:

conf t

logging enable

logging buffered 7

exit

sh logg | i x.x.x.x

where x.x.x.x is the host on the inside that has trouble with dns.

Besides the above, you can apply captures on the ingress and egress interfaces to see if we are sending the request out the outside interface and if the response is seen or not.

You can refer to this link for packet captures:

http://analysisandreview.com/cisco/how-to-configure-a-packet-capture-in-the-cisco-asa/
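The ingress and egress captures suggested in the reply above could be set up as follows. This is an added example, not part of the original thread: the access-list names (dnscap-in, dnscap-out), the capture names (capin, capout), the interface names inside and outside, and the placeholder y.y.y.y for the host's translated address are assumptions.

```cisco
! Added example; all names and placeholders below are assumptions.
! x.x.x.x = inside host that has trouble with DNS (as in the reply above)
! y.y.y.y = address that host is translated to on the outside
!           (use x.x.x.x again if the host is not translated)
conf t
! Match DNS queries from the host and the responses returning to it
access-list dnscap-in permit udp host x.x.x.x any eq 53
access-list dnscap-in permit udp any eq 53 host x.x.x.x
access-list dnscap-out permit udp host y.y.y.y any eq 53
access-list dnscap-out permit udp any eq 53 host y.y.y.y
exit
! Ingress capture: does the query reach the ASA, and is a reply handed back?
capture capin access-list dnscap-in interface inside
! Egress capture: does the query leave, and does a response arrive?
capture capout access-list dnscap-out interface outside
! Reproduce the failed lookup from the host, then compare the two captures
show capture capin
show capture capout
! Remove the captures and the capture ACLs when finished
no capture capin
no capture capout
conf t
clear configure access-list dnscap-in
clear configure access-list dnscap-out
exit
```

A query that appears in capin but not in capout is being dropped on the ASA itself, so the buffered log should show the reason. A query that appears in capout with no response behind it points upstream of the firewall.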
