RE: DNS Lookups using PIX 6.2.2

From: djtowns@webtribe.net
Date: Fri Nov 15 2002 - 11:15:36 GMT-3


We have a bunch of PCs on our inside network; they access an
external company via a PIX 525 firewall running 6.2.2 software.

There is now a requirement for the PCs to perform DNS lookups
to the 3rd party company's DNS server sat off the outside
interface.

The problem is that we need to be able to use a global pool of
addresses to cut down on the number of required inside addresses
to satisfy the DNS lookups.

     PC ---- PIX ------ DNS Server
        Inside outside

I was expecting the following config to work - but it doesn't !!

  global (inside) 2 10.1.1.1-10.1.1.63 netmask 255.255.255.192
  nat (outside) 2 0.0.0.0 0.0.0.0 dns outside

Requests still come through un-NAT'ed.

Help !!!!!

>Haven't done it - but am curious what specifically you are
>trying to do?
>Looks interesting and something I'd like to try - once I
>understand what it means :)
>
>
>-----Original Message-----
>From: djtowns@webtribe.net [mailto:djtowns@webtribe.net]
>Sent: Friday, November 15, 2002 7:36 AM
>To: ccielab@groupstudy.com
>Subject: DNS Lookups using PIX 6.2.2
>
>
>Has anybody had any experience configuring a PIX to NAT DNS
>queries from an outside DNS server to an inside range?
>
>I can get this working using static :
>
>static (inside,outside) 10.1.1.0 204.12.8.0 dns netmask
>255.255.255.0 0 0
>
>however I need to get this working using the Global and NAT
>commands to save on addressing space, has anyone had any
>success with this ???
>
>Thanks
>
>Dyls



This archive was generated by hypermail 2.1.4 : Tue Dec 03 2002 - 07:23:01 GMT-3