Hi,
If you mean that you want the ASA to do DNS lookups then this is how I enabled in my own firewall
dns domain-lookup WAN
dns server-group DefaultDNS
name-server x.x.x.x
name-server y.y.y.y
Where
- x.x.x.x = Primary ISP DNS server
- y.y.y.y = Secondary ISP DNS server
- WAN = My "outside" interface
- dns domain-lookup = activates the DNS lookup on certain interface
After this I can for example create and "object" which contains a FQDN and it can be then used on the ASA to build rules and ASA will update the IP address of the host at certain interval. Though I havent had much use for this personally.
- Jouni