Dear All
I have two separate links that terminate on two different ASA 5510s (F11 and F13). Behind these firewalls I have only one router, to route/switch traffic between the two hops (the firewall inside IPs). Behind this router I have two different VLANs: VLAN 11 and VLAN 13. My primary VLAN is VLAN 11, as all my servers are in this VLAN, and its gateway is firewall F11. VLAN 13 is only for guest users, and its gateway is firewall F13. I have configured DHCP relay on F13 to point to the DHCP server in VLAN11. All my clients are getting IPs from the DHCP server (from the VLAN13 scope) with the F13 gateway option. On the other hand, VLAN11 clients are also getting IPs from the same DHCP server (from the VLAN11 scope). My router's default gateway is F11. Now the scenario is:
F11 has two LAN interfaces:
inside11 and inside13
F13 also has two LAN interfaces:
winside13 and winside11
All interfaces are EXEMPTED by rule.
A VLAN11 client goes to the router, and the router sends the traffic to F11.
A VLAN13 client goes directly to F13.
Everything was perfect and fine. For some reason my DNS queries stopped crossing the firewalls. This means that on the Cisco router, whenever I switch the traffic's default gateway to F13, both my VLANs stop browsing. Before, it switched the gateway and all my traffic shifted from F11 to F13. But now, whenever I switch the default gateway on the router to point to F13, it stops browsing. tracert works perfectly.
MY QUESTION:
1. Why does the DNS query not cross the firewalls?
2. nslookup gives a DNS error.
Please suggest.