07-05-2001 03:42 AM - edited 02-20-2020 09:48 PM
i have a DNS server on DMZ, i want inside users to ping DNS server with his public address
07-10-2001 06:33 AM
You have to do static NAT inside to DMZ and conduit commands required.
07-10-2001 07:06 AM
If your DNS server on the DMZ has a static to the outside, then you are trying to send a packet through the outside interface, then turn back around and come back in the outside interface.
This is essentially a redirect, which the ASA (rule engine) of the PIX will not permit. You should be able to reach the dns server using the private ip address or by domain name if using the alias command.
If you are not using a static for your DNS server, and it is dual-homed, then it should work fine (kind of defeats the purpose of the PIX though).
HTH
Jeff
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide