Solved: Re: ERROR: DNS policy-map preset_dns_map not configured

gdy1039 · ‎10-30-2017

Hello

I have a cisco asa 5505, IOS 9.1.6

I have a question that when I try to type below command, it can not configure.

LTHCN031(config-pmap-c)# inspect dns preset_dns_map

ERROR: DNS policy-map preset_dns_map not configured

would someone can guide me how to let it work?

Thank you very much.

Scott Gao

Jennifer Halim · ‎10-30-2017

You would need to configure policy-map for the dns inspection first and configure all the dns parameter that you would like to inspect under the policy-map:
policy-map type inspect dns preset_dns_map

Here is the configuration guide for your reference:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/firewall/asa_91_firewall_config/inspect_basic.html#10154

Hope that helps.

gdy1039 · ‎10-30-2017

anyone have idea?

Jennifer Halim · ‎10-30-2017

You would need to configure policy-map for the dns inspection first and configure all the dns parameter that you would like to inspect under the policy-map:
policy-map type inspect dns preset_dns_map

Here is the configuration guide for your reference:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/firewall/asa_91_firewall_config/inspect_basic.html#10154

Hope that helps.

gdy1039 · ‎12-18-2017

I preset some command as below, then the command can be work.

Thanks your reply.

++++++++++++++++++++++++++++++++++++++

policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512

++++++++++++++++++++++++++++++++++++