[c-nsp] dns rewrite on FWSM

Arne Larsen / Region Nordjylland arla at rn.dk
Thu Nov 27 09:25:28 EST 2008


 Hi Arie.

As Jen Likova wrote it should be possible to change the answer from an public dns server.
My problem is that we got to access RFC1918 address from our internal network to dmz web-servers, and public users need to use public address off cause.
So by rewriteing the dns answer we wont need to maintain internal dns for the servers on the the dmz.
But I just can't get it working on the FWSM, I made somthing like this on an asa5510 and that works fine.

http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/cfgnat_f.html#wp1042753


/Arne
-----Oprindelig meddelelse-----
Fra: Arie Vayner (avayner) [mailto:avayner at cisco.com]
Sendt: 27. november 2008 14:08
Til: Arne Larsen / Region Nordjylland; cisco-nsp at puck.nether.net
Emne: RE: [c-nsp] dns rewrite on FWSM

Arne,

Can you please explain what you want to achieve? What do you mean by DNS Rewrite?

Thanks
Arie

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Arne Larsen / Region Nordjylland
Sent: Thursday, November 27, 2008 11:34 AM
To: 'cisco-nsp at puck.nether.net'
Subject: [c-nsp] dns rewrite on FWSM


Hi Folks.

Isn't it possible to do rewrite dns on a Firewall service modul, or do I need to make an upgrade off the software ??
I'm current running  3.1(6).

/Arne
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list