Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
532
Views
0
Helpful
1
Replies

Having internal hosts access DMZ hosts with external DNS name but private IP

mmedwid
Level 3
Level 3

‎08-11-2011 03:09 PM - edited ‎03-11-2019 02:10 PM

Three interface ASA Scenario: Inside 10.10.10.0/24    Outside 4.4.4.10/24     DMZ 192.168.1.0/24

External users resolve www.acme.com to 4.4.4.10 say.

I want internal users to resolve using external DNS but when they that traffic gets

to the ASA I want the traffic to go to 192.168.1.10 the private IP of the server instead

of trying to go outside and failing.  I don't want to have a different internal DNS

setup for a bunch of reasons.

What is the best current method to do this?  I am running ASA OS 8.2. 

Labels:
0 Helpful
1 Reply 1

Jon Marshall
Hall of Fame
Hall of Fame

‎08-11-2011 03:17 PM

DNS doctoring is the way to do this. See this document for details on how to configure this -

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807968c8.shtml

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card