Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
441
Views
0
Helpful
1
Replies

PIX and internal DNS Server

rgonzaga
Level 1
Level 1

‎08-31-2004 12:17 PM - edited ‎02-20-2020 11:36 PM

I currently have two internal Win2K3 DNS servers on my internal network that had been working fine. I tried to upgrade my PIX os from 5.1.2 to 6.3.x but that stopped all traffic. I downgraded to 5.2.9 which allowed at least email to flow in again. The problem is that my internal DNS servers now cannot resolve requests from the outside. If I put in the IP of my IPS' DNS servers on the client, it works. The config has not changed but still does not work. Please help this rookie.

0 Helpful
1 Reply 1

piseli
Level 1
Level 1

‎09-03-2004 08:29 AM

This should be fixed with 6.3.3 and higher be sure that you have the:

" fixup protocol dns maximum-length 512 "

If this does not works try:

Workarround two use the alias command:

See:http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aee.shtml

alias (inside) 10.10.10.10 99.99.99.99 255.255.255.255

!--- This command sets up DNS Doctoring. It is initiated from the clients in

!--- the "inside" network. It watches for DNS replies that contain

!--- 99.99.99.99, then replaces the 99.99.99.99 address with the 10.10.10.10

!--- address in the "DNS reply" sent to the client PC.

sincerly

Patrick

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card