Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
777
Views
0
Helpful
2
Replies

question about alias command

cuijian.vip
Level 1
Level 1

‎11-30-2007 01:27 AM - edited ‎03-05-2019 07:44 PM

who can tell me alias command's function

topology like this:

inside lan ------pix---- outside internet

lan ip : 192.168.1.0

lan server ip : 192.168.1.100

outside ip : 60.60.60.60

outside server ip : 60.60.60.100

somebody tell me the alias can achieve functions like below:

rewrite the DNS packet's address with inside address

when my inside host 192.168.1.2 want to access the inside server's web pages.

the inside host enter "http://www.alias.com" into the IE address bar.

and he will get the DNS answer of 60.60.60.100,that address is the inside server's nat outside address in fact.

if we don't use alias command,we will not get 60.60.60.100's web pages.

using alias,the 60.60.60.100 will be rewrite to 192.168.1.100.

my question is , if alias can only change the DNS's reply?

if alias can help us,when we type url "60.60.60.100" directly from our IE address bar ?

Labels:
0 Helpful
2 Replies 2

Edison Ortiz
Hall of Fame
Hall of Fame

‎12-02-2007 04:03 PM

Not sure if the command in question is for the PIX or regular IOS.

For regular IOS, please see:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/hcf_r/cfn_01h.htm#wp1127543

0 Helpful

williamsdo
Level 3
Level 3

‎12-02-2007 06:34 PM

Hi, leave it to cisco to bring confusion to a simple command like alias. The CLI connamd line alias is a way to reduce your key strokes when entering commands by CLI, 2 the alias command for the PIX can change the DNS response read the document below. Hope thi sis helpful.

Introduction

This document explains the use of the alias command on the Cisco Secure PIX Firewall.

The alias command has two functions:

You can use the alias command to perform DNS Doctoring of DNS replies from an external DNS server.

In DNS Doctoring, the PIX changes the DNS response from a DNS server to be a different IP address than the DNS server actually answered for a given name.

This process is used when you want the actual application call from the internal client to connect to an internal server by its internal IP address.

You can use this command to perform Destination NAT (dnat) of one destination IP address to another IP address.

In dnat, the PIX changes the destination IP of an application call from one IP address to another IP address.

This process is used when you want the actual application call from the internal client to the server in a perimeter (dmz) network by its external IP address. This does not "doctor" the DNS replies.

For example, if a host sends a packet to 99.99.99.99, you can use the alias command to redirect traffic to another address, such as 10.10.10.10. You can also use this command to prevent conflicts when you have IP addresses on a network that are the same as those on the Internet or another intranet. Consult the PIX documentation for more information

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aee.shtml

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card