About jschaeffer1

jschaeffer1 · 06-09-2020

I have a problem where DNS responses over IPv4 are getting dropped between my firewall and switch and are not getting back to the host. This is resulting in failed DNS lookups. Below is my network layout:The DNS standard query responses are getting d...

jschaeffer1 · 06-08-2020

I have an ASA 5508 and I'm trying to allow hosts on the inside network to ping the ASA outside interface. From my understanding requests from a higher security level to a lower should be implicitly allowed, however it looks like all icmp echo request...

jschaeffer1 · 06-11-2020

I figured out the problem. It was an ACL issue on the switch. I had the port in the wrong location on the ACL. It was:permit udp any 10.2.0.0 0.0.255.255 eq domainBut needed to be:permit udp any eq domain 10.2.0.0 0.0.255.255Once I updated the ACL th...

jschaeffer1 · 06-11-2020

I removed the dns inspect from the global_policy policy-map but I'm still unable to resolve DNS queries:class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum...

jschaeffer1 · 06-09-2020

I'm running 9.8(2). I ran the debug inspect dns errors and debug inspect dns events and nothing shows up, even after running my dig request again. When I run the debug inspect dns packets a lot of information is constantly spewed to the screen with i...

jschaeffer1 · 06-08-2020

Good to know, thanks.

Member Since	‎08-26-2019 11:55 AM
Date Last Visited	‎10-18-2024 07:55 AM
Posts	11
Total Helpful Votes Received	5

User Statistics

User Activity

DNS packets dropped between ASA and switch

Allow ping from inside to ASA and traceroute

Re: DNS packets dropped between ASA and switch

Re: DNS packets dropped between ASA and switch

Re: DNS packets dropped between ASA and switch

Re: Allow ping from inside to ASA and traceroute