Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1097
Views
0
Helpful
3
Replies

Stop reverse DNS resolution on a WSA

Dominick Converse
Level 1
Level 1

‎01-22-2013 02:43 PM

I have an SMA that manages multiple WSA's across the globe. Due to routing in one location we have found a large amount of traffic being generated by our WSA trying to do a reverse lookup of my SMA's ip address externally. We do not have a reverse lookup for the SMA as it is an internal appliance. Is there a way to stop the reverse lookup from occuring via a configuration on the WSA?Any help is appreciated.

Thanks

Labels:
0 Helpful
3 Replies 3

Erik Kaiser
Cisco Employee
Cisco Employee

‎01-24-2013 08:58 AM

Hi Dominick,

I will look into this for you today and provide you with an answer.

Sincerely,

Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator

Sincerely, Erik Kaiser WSA CSE WSA Cisco Forums Moderator
0 Helpful

Erik Kaiser
Cisco Employee
Cisco Employee

‎01-24-2013 09:07 AM

Hi Dominick,

I have a solution for your problem. You will need to log into the CLI of the WSA and issue the following commands:

s370r01.csw> dnsconfig

Currently using the local DNS cache servers:

1. Priority: 0  10.9.8.8

Choose the operation you want to perform:

- NEW - Add a new server.

- EDIT - Edit a server.

- DELETE - Remove a server.

- SETUP - Configure general settings.

- SEARCH - Configure DNS domain search list.

[]> localhosts <----- Hidden Command

Local IP to Host mappings:

Choose the operation you want to perform:

- NEW - Add new local IP to host mapping.

- DELETE - Delete an existing mapping.

[]> new

Enter the IP address of the host you are adding.

[]> 10.1.1.1 < -------- IP of the M series

Enter the canonical host name and any additional aliases (separate values with spaces)

[]> Host name of the M series. Hit enter until you get back to the command prompt and type commit then enter.

Sincerely,

Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator

Sincerely, Erik Kaiser WSA CSE WSA Cisco Forums Moderator
0 Helpful

Dominick Converse
Level 1
Level 1
In response to Erik Kaiser

‎01-24-2013 11:16 AM

Erik,

Thanks for the reply, I made this configuration change and my telecom group is reviewing the traffic patterns to see if this fixed the issue. I was able to do a forward DNS lookup in my WSA and it resolves from this localhost, but I do not get a response when I do a reverse lookup for the ip of this host.

Dominck

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents