Re: DNS REVERSE LOOKUP THROUGH PIX

rlowe26 · ‎02-16-2004

Ok PIX Firewall Experts, I really NEED YOUR HELP. I have posted the following two times now, and still no one has been able to resolve the issue. I hope you can.

Gentlemen, I have a situation whereas I cannot do DNS REVERSE LOOKUP thru my Pix 515E. There are sites on the .mil (Niprnet), which I have here, that require a DNS REVERSE LOOKUP. When I attempt to go to the site, it gives me the DNS Error and reflects my PAT Address of my Firewall. I CAN GO EVERYWHERE ELSE ON THE INTERNET WITH NO PROBLEM! I have tried everything that I know, everything that I have researched on the Cisco web site, and to no avail, I still cannot get DNS REVERSE LOOKUP THRU MY Firewall. I can only access those particular sites from my two OUTSIDE DNS Servers. Yes, my DNS Configurations inside and outside are correct! Any Help would be greatly appreciated. I have exhausted all possibilities. Thanks in advance! Ron

mostiguy · ‎02-16-2004

we already answered this.

if you are behind PAT, then it is natural that the web server can only see the outside PAT address. The web server is trying to do a reverse dns lookup of that ip address. Do you have a reverse dns record for that ip address?

rlowe26 · ‎02-20-2004

YES.

mostiguy · ‎02-22-2004

who is responsible for the reverse ip address? Did your isp delegate responsibility to you for that block? Are you dns servers responsible for it? Are they behind the pix?

if you want, email me the ip address in question