[c-nsp] dns rewrite on FWSM
Jeff Kell
jeff-kell at utc.edu
Thu Nov 27 11:14:41 EST 2008
Arne Larsen / Region Nordjylland wrote:
> As Jen Likova wrote it should be possible to change the answer from an public dns server.
> My problem is that we got to access RFC1918 address from our internal network to dmz web-servers, and public users need to use public address off cause.
> So by rewriteing the dns answer we wont need to maintain internal dns for the servers on the the dmz.
> But I just can't get it working on the FWSM, I made somthing like this on an asa5510 and that works fine.
Haven't done this in awhile (we split internal/external DNS servers) but
works on PIX and ASA, not sure about FWSM.
Be sure you have DNS rewrite enabled on the static translations for the
DMZ servers.
Jeff
More information about the cisco-nsp
mailing list