PIX 501 relay client DNS requests out to an internet DNS server?

Discussion in 'Cisco' started by nicough, Nov 17, 2006.

  1. nicough

    nicough Guest

    router = 10.0.0.254
    pix outside = 10.0.0.1
    pix inside = 192.168.0.254
    client = 192.168.0.1
    client dns = 192.168.0.254

    pix config:

    ip address outside 10.0.0.1 255.255.255.0
    ip address inside 192.168.0.254 255.255.255.0
    route outside 0.0.0.0 0.0.0.0 10.0.0.254
    dhcpd address 192.168.0.50-192.168.0.90 inside
    dhcpd enable inside
    dhcpd dns 192.168.0.254


    How can a PIX 501 relay client DNS requests out to an internet DNS
    server?
    I want to specify the PIX outside address, rather than receive it via
    DHCP.

    Thanks
    Nick
     
    nicough, Nov 17, 2006
    #1

  2. nicough

    Rohan Guest

    There are many ways to do this, and it all depends on how much access you
    want between the inside interface of the firewall and the outside.

    Based on what you provided above you could write in the following:

    access-list DNS permit udp 192.168.0.1 255.255.255.0 any eq 53
    global (outside) 1 10.0.0.50-10.0.0.90 netmask 255.255.255.0
    nat (inside) 1 access-list DNS
     
    Rohan, Nov 18, 2006
    #2
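
To see which client flows the access list in the reply above would select for NAT, here is an added example (not part of the original posts) that evaluates the posted `access-list` and `global` lines against constructed flows. It assumes the source match is address AND mask, so the host bits in 192.168.0.1 are ignored; the function names are hypothetical and it models only the ACL match, not the PIX as a whole.

```python
import ipaddress

ACL_LINE = "access-list DNS permit udp 192.168.0.1 255.255.255.0 any eq 53"
GLOBAL_LINE = "global (outside) 1 10.0.0.50-10.0.0.90 netmask 255.255.255.0"

def ip_int(text):
    return int(ipaddress.IPv4Address(text))

def parse_pix_acl(line):
    """Parse 'access-list NAME ACTION PROTO SRC MASK any eq PORT' (this shape only)."""
    tok = line.split()
    if len(tok) != 9 or tok[0] != "access-list" or tok[6:8] != ["any", "eq"]:
        raise ValueError("unsupported ACL shape: " + line)
    mask = ip_int(tok[5])
    return {"name": tok[1], "action": tok[2], "proto": tok[3],
            "src": ip_int(tok[4]) & mask,  # assumption: host bits are ignored
            "mask": mask, "port": int(tok[8])}

def acl_matches(acl, proto, src_ip, dst_port):
    """True if the flow is permitted by the entry (and so selected for NAT id 1)."""
    return (acl["action"] == "permit" and acl["proto"] == proto
            and (ip_int(src_ip) & acl["mask"]) == acl["src"]
            and acl["port"] == dst_port)

def pool_size(global_line):
    """Number of addresses in 'global (IF) ID START-END netmask MASK'."""
    start, end = global_line.split()[3].split("-")
    return ip_int(end) - ip_int(start) + 1

# Constructed sample flows: (protocol, inside source, destination port)
FLOWS = [
    ("udp", "192.168.0.1", 53),   # the client from the question
    ("udp", "192.168.0.77", 53),  # a DHCP-range host: the mask covers the whole /24
    ("tcp", "192.168.0.1", 53),   # DNS over TCP is outside the entry
    ("udp", "192.168.0.1", 123),  # non-DNS UDP is outside the entry
    ("udp", "192.168.1.5", 53),   # a different subnet
]

def evaluate(flows=FLOWS):
    acl = parse_pix_acl(ACL_LINE)
    return [acl_matches(acl, *flow) for flow in flows]

if __name__ == "__main__":
    for flow, hit in zip(FLOWS, evaluate()):
        print(flow, "-> selected for NAT" if hit else "-> not selected")
    print("global pool addresses:", pool_size(GLOBAL_LINE))
```
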