I read the document with the following URL of...
http://cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aad.shtml
And the following reads...
"IP addresses in the pool of global addresses specified with the global command require reverse DNS entries to ensure that all external network addresses are accessible through the PIX. To create reverse DNS mappings, use a DNS Pointer (PTR) record in the address-to-name mapping file for each global address. Without the PTR entries, sites can experience slow or intermittent Internet connectivity and FTP requests fail consistently.
For example, if a global IP address is 175.1.1.3 and the domain name for the PIX firewall is pix.caguana.com, the PTR record would be:
3.1.1.175.in-addr.arpa. IN PTR pix3.caguana.com
4.1.1.175.in-addr.arpa. IN PTR pix4.caguana.com & so on."
I assume they are talking about creating a reverse lookup with whomever hosts our external DNS?
Does anyone think this creates a security risk putting a PTR record out on the public internet? Just looking for a security expert opinion.
Thanks
Paul
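
Added example, not part of the original post or the Cisco tech note: a small Python check that compares a global address pool against a reverse-zone fragment and lists the addresses that still lack a PTR record, which is the condition the quoted note ties to slow connectivity and failing FTP. The zone text is constructed sample data, and the pool range, the function names, and the `pix<last octet>` naming used for the suggested records are assumptions taken from the note's example.

```python
import ipaddress

# Constructed reverse-zone fragment (sample data, not from a real zone).
SAMPLE_ZONE = """\
3.1.1.175.in-addr.arpa. IN PTR pix3.caguana.com.
4.1.1.175.in-addr.arpa. IN PTR pix4.caguana.com.
; nothing for 175.1.1.5
6.1.1.175.in-addr.arpa. 3600 IN PTR pix6.caguana.com.
"""

def parse_ptr_records(zone_text):
    """Map each fully qualified PTR owner name to its target host name."""
    records = {}
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()  # drop comments, then tokenise
        if "PTR" not in fields:
            continue
        idx = fields.index("PTR")
        if idx == 0 or idx + 1 >= len(fields):
            continue  # malformed line: no owner or no target
        records[fields[0].lower().rstrip(".")] = fields[idx + 1].rstrip(".")
    return records

def audit_pool(first, last, zone_text, host_prefix="pix", domain="caguana.com"):
    """Return (present, missing, suggested) for an inclusive global pool."""
    lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    if lo > hi:
        raise ValueError("pool start is above pool end")
    records = parse_ptr_records(zone_text)
    present, missing, suggested = {}, [], []
    for n in range(int(lo), int(hi) + 1):
        addr = ipaddress.IPv4Address(n)
        owner = addr.reverse_pointer  # e.g. 3.1.1.175.in-addr.arpa
        if owner in records:
            present[str(addr)] = records[owner]
        else:
            missing.append(str(addr))
            # Assumed naming: prefix + last octet, as in the note's example.
            last_octet = str(addr).rsplit(".", 1)[1]
            suggested.append(f"{owner}. IN PTR {host_prefix}{last_octet}.{domain}.")
    return present, missing, suggested

if __name__ == "__main__":
    present, missing, suggested = audit_pool("175.1.1.3", "175.1.1.6", SAMPLE_ZONE)
    print("missing:", missing)
    print("\n".join(suggested))
```

The `present` mapping also shows exactly which host names the reverse zone publishes for the pool, which is the information the question about public exposure is concerned with.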