alias for PIX 6.3(5)

Discussion in 'Cisco' started by you know who maybe, Nov 9, 2005.

  1. Does this really work? How?

    I've got a webserver with a private IP address like 10.1.1.111 but to the
    outside works it's 222.222.222.222
    A client on my LAN of 10.1.1.0/24 gets 222.222.222.222 from a public DNS
    server which times out when he tries to connect because the server is on
    10.1.1.111, which is on the internal LAN.

    We get around this at one location by using an internal DNS server but for a
    small installation I think it's overkill.

    Thanks
     
    you know who maybe, Nov 9, 2005
    #1
    1. Advertising

  2. you know who maybe

    Vivek Guest

    alias will work. it will replace 222.222.222.222 with 10.1.1.111 in dns
    packets.
     
    Vivek, Nov 9, 2005
    #2
    1. Advertising

  3. In article <>,
    you know who maybe <> wrote:
    :Does this really work? How?

    :I've got a webserver with a private IP address like 10.1.1.111 but to the
    :eek:utside works it's 222.222.222.222
    :A client on my LAN of 10.1.1.0/24 gets 222.222.222.222 from a public DNS
    :server which times out when he tries to connect because the server is on
    :10.1.1.111, which is on the internal LAN.

    :We get around this at one location by using an internal DNS server but for a
    :small installation I think it's overkill.

    You could use 'alias' for this, but then you would not be able to use
    PDM. 'alias' is deprecated.

    Instead, on your "static" line that defines the translation between
    inside and outside, add the keyword 'dns'.
    --
    "It is important to remember that when it comes to law, computers
    never make copies, only human beings make copies. Computers are given
    commands, not permission. Only people can be given permission."
    -- Brad Templeton
     
    Walter Roberson, Nov 9, 2005
    #3
  4. "Walter Roberson" <-cnrc.gc.ca> wrote in message
    news:dktufq$oog$...
    > In article <>,
    > you know who maybe <> wrote:
    > :Does this really work? How?
    >
    > :I've got a webserver with a private IP address like 10.1.1.111 but to the
    > :eek:utside works it's 222.222.222.222
    > :A client on my LAN of 10.1.1.0/24 gets 222.222.222.222 from a public DNS
    > :server which times out when he tries to connect because the server is on
    > :10.1.1.111, which is on the internal LAN.
    >
    > :We get around this at one location by using an internal DNS server but
    > for a
    > :small installation I think it's overkill.
    >
    > You could use 'alias' for this, but then you would not be able to use
    > PDM. 'alias' is deprecated.
    >
    > Instead, on your "static" line that defines the translation between
    > inside and outside, add the keyword 'dns'.
    > --


    Holy cow. I've been asking this question in different ways for a couple
    years on and off and always someone tells me about the alias command, but
    that it breaks PDM. I never put it together that this is what the DNS
    Rewrite features does. I've been looking at that check box in PDM for years
    but never thought about it. Awesome. Thanks again, Walter. Now I have to
    rethink the way we are doing things at the other locations.

    -Bob
     
    you know who maybe, Nov 9, 2005
    #4
  5. you know who maybe

    AM Guest

    > Holy cow. I've been asking this question in different ways for a couple
    > years on and off and always someone tells me about the alias command, but
    > that it breaks PDM. I never put it together that this is what the DNS
    > Rewrite features does. I've been looking at that check box in PDM for years
    > but never thought about it. Awesome. Thanks again, Walter. Now I have to
    > rethink the way we are doing things at the other locations.


    search for "DNS doctoring" on google.

    Bye Alex.
     
    AM, Nov 10, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Andy Smith

    Alias to outside NAT PIX 6.2

    Andy Smith, Jan 26, 2004, in forum: Cisco
    Replies:
    3
    Views:
    1,643
    Jason Sowers
    Jan 26, 2004
  2. PES

    PIX DNS rewrite vs Alias

    PES, Jul 17, 2004, in forum: Cisco
    Replies:
    0
    Views:
    3,574
  3. Ivan Ostres

    two alias commands on pix, legal?

    Ivan Ostres, Apr 12, 2005, in forum: Cisco
    Replies:
    0
    Views:
    402
    Ivan Ostres
    Apr 12, 2005
  4. gencode

    PIX - Alias - Outside NAT

    gencode, Mar 17, 2006, in forum: Cisco
    Replies:
    3
    Views:
    4,193
    zillah
    Dec 13, 2006
  5. Giuen
    Replies:
    0
    Views:
    1,059
    Giuen
    Sep 12, 2008
Loading...

Share This Page