5510 Cisco can be configured to make dns relay?

Hello

My client uses the public dns, but they do not want dhcp to give public DNS dns. They want him to point on firewall, then only one firewall before the public DNS dns. Would it be possible for ASA 5510?

Kind regards

Hing

Hing,

So-you can configure a static on the SAA statement that will correspond to the IP address of the DNS.  For example:

public static 10.1.1.253 (exterior, Interior) 1.1.1.1

You must also ensure that traffic UDP 53 is also allowed via your inside interface access list.  On your DHCP server, then you re 10.1.1.253 as your DNS server IP address - in reality, the ASA will result simply the real 1.1.1.1 that IP address.

Hope this helps,

Kevin

Tags: Cisco Security

Similar Questions

  • Can I configure Cisco (AIR-CAP1602I-T-K9) 1602i offline?

    Hi everyone, please, I need help here.

    I bought 3 Cisco (AIR-CAP1602I-T-K9) 1602i but I did not buy a controller. How can I configure then offline?

    I saw in other forums, I need to change the IOS software to a stand-alone software. They suggested the ap1g2-k9w7 - tar.152 - 4.JA1.tar. I would like to know if this is the right software and if there is no problem with the license if I download and use it.

    Explanation of the differences between AIR-CAP-1602i-x-K9 e AIR-SAP-1602i-x-K9

    http://community.Spiceworks.com/topic/448208-Cisco-Aironet-1602i-questions-issues

    How to convert standalone IOS

    http://www.experts-exchange.com/Networking/Wireless/Q_28245190.html

    Download IOS:

    http://software.Cisco.com/download/release.html?mdfid=284366503&softwareid=280775090&release=15.2.4-JA1&flowid=37523

    Thank you.

    Wesley

    Hello

    Yes, you must pass in stand-alone mode. Yes, this is the right software and you will not face any problem regarding the license.

    But to download the standalone AP image of cisco, you need a CCO (Cisco connection) and the valid service contract.

    Here is the final image: can download here

    http://software.Cisco.com/download/release.html?mdfid=284366503&flowid=3...

    How to covert to lAP for standalone:

    http://www.YouTube.com/watch?v=QQ_NuxdRhQ4

    http://rscciew.WordPress.com/2014/05/07/access-point-conversion-lap-to-a...

    Concerning

    Remember messages useful rates

  • ASA 5510 can be configured as bridge mode and always send Netflow information to a collector

    ASA 5510 can be configured as bridge mode and always send Netflow information to a collector?

    We have a PIX connect internal network to the internet. Because PIX does not support NetFlow, as temporary solution, we thought to a 5510 ASA between the PIX and the internet gateway and configure as a bridge so that there will be no problem routing, and the SAA can always send Netflow information to a collector.

    Can someone please advise if this is possible?

    Thank you.

    I have not tried, but as a Netflow service policy should work in routed and transparent mode. Reference.

    Why don't you just replace the Pix with the ASA in routed mode?

  • How gemfire locator can be configured to return the full DNS name for the customer?

    We have an index running before 2 cache servers,

    Locator.DomainA == > Server1.DomainA, Server2.DomainA.

    the problem is when the customer (customer. DomainB) try to access gemfire via locator, it up ' get: not connected to GemFire' exception, the reason is that the Client.DomainB uses the full name "Locator.DomainA" to access the gemfire, the Locator maintains only the servers host name, when the client runs the query, it access Server1 or Server2, but in this case, the networking is not connected.

    How gemfire locator can be configured to return the full DNS name for the customer?

    in gemfire.properties, Locator attribute is full domain name already.

    Thank you

    Yao

    There is a parameter for hostname for the customers that you can put in your cache.xml file cache-server element. It is a string that is passed the server for the location, and then on the Locator for the customer. You must set this client-to-host name in each of your cache servers.

  • What can I do to make my wifi signal is getting better?

    What can I do to make my better wifi signal?

    The distance is the problem more obvious - there is a certain optimal range that the wireless signal can travel. If the network is covering an area larger than the router is able to transmit, or if there is a lot of corners for everyone and walls to penetrate, performance will take a hit. Interference is also a big problem, especially for those living in densely populated areas. Signals from other wireless networks and electronics can impact speeds, that can the physical obstacles, such as walls.

    You can always look at your router administrator interface to see how many devices are connected. Or use a network Analyzer to see if you have unknown machines on your network. If it is a network that is open, close it. Configure security - preference WPA2, WEP is not as strong and put in a password that is difficult for others to guess.

  • How can I configure mobile android password manager copy all of my passwords from firefox to my office?

    How can I configure my new mobile password manager for my android phone copy all of my passwords from firefox to my office?
    Right now, I noticed there is only about 8 passwords listed.
    But my office saved password manager has about 50 listed.
    This makes me think that the android app is to choose only to remember what I saved directly with my android. I want to capture all my saved passwords from my desktop also.
    I tried recheck my firefox sync options, but only confirmed that I don't have this game automatically synchronize all my data (including passwords.)

    I found that I have to press the 'Menu' (three horizontal lines in a square) in the mobile view and connect until I'm able to meet Firefox on Android.

    Now that you're on your desktop: try passwords uncheck in synchronization preferences, wait a few seconds, then check again. Then on your phone, the settings of the open Android app, accounts & sync, choose your Firefox Sync account, then Menu > sync now.

  • Satellite A200-1AE: How can I configure the settings of buttons Dual Mode Pad?

    Hello

    I recently bought a Satellite A200-1AE. I tried to configure the default first button on my touch pad (lower left) so that I can fire up MSWord, but it did not work.

    Now every time I have set the mode button and press this button, that nothing not to pass - I lost practically this button.

    My question is how can I configure the mode button on the touch pad settings? Even if I was able to start a program by using the 3 buttons how can I modify these programs?

    Thanks for your help!

    p.s. I read the extended version of the manual for my laptop. There is no explanation of my problem - it says I should look "Synaptics Dual Mode Pad properties.

    I don't know where are these properties.

    Hello

    It s is not so difficult as you think, the properties of the synaptics are in the "mouse properties" of your "Control Panel" of windows. When you reach the 'mouse', then click on the "Advanced" tab and you should find a button 'Advanced functionality settings'.
    It could be that the button is not named as mine, but it must be identical.
    After clicking on it, you should look for this 'easy' Launcher in one of the tabs.

    I think that you will make it, but I'd like some feedback from you.

    Welcome them

  • How can I configure a new TimeCapsule for an existing network without having to activate the internal networks?

    I tried to go in advance and choose "Add TimeCapsule to the existing network", but it keeps defaulting to 'add a new network '.

    without having to activate the internal networks?

    "Add TimeCapsule to the existing network.

    You cannot add a TC in an existing network, if there is.

    You must configure the TC for the network.

    It keeps default back to "add a new network.

    So, it's OK... The TC is part of an existing network or makes a new.

    You must connect to the TC network... either wireless or ethernet.

    However, you can manually configure the TC simply plug ethernet for example.

    See, cable using Time Capsule for Mac for backup only.

    The same can be done for the wireless... but a TC is really the bad device for backups if you don't have a network... It's cheaper, faster and more reliable by using a USB key.

  • Can I configure NISE with a switch of party - if the switch is not installed?

    I've never used NOR Switch before Executive - we hope to use it on a new project.

    We do not have equipment at the moment - we will use a Pickering 40-540-021 '132 x 4' switch.

    I would like to configure NI Switch Executive before Pickering delivered cards, is it possible? I get an error when I create the NI Switch Executive virtual device. Seems that MAX is trying to communicate with the switch card before allowing me to configure routes/exclusions/groups etc..

    Here's what I've done so far:

    -Install the drivers of Pickering.

    -To the MAX (v5) I have setup a session driver IVI and logical name.

    When I try to create a new NI Switch Executive peripheral virtual, I add the logical name of the switch, click [next] and get the NISE error...

    "An error occurred so they were trying to access the devices PROJECTSWITCH. The primary error: unknown status code (Hex 0xBFFA400C).

    I see that a virtual device is created with no logical switch assigned. I get the error even if I try and add a logical switch manually to the virtual device NISE.

    Is it because the switch Board is not available for the system? Can I configure the routing/groups/exclusions without the device being mounted physically switch?

    Thank you

    Alan

    Alan.


    Seems that MAX is trying to communicate with the switch card before allowing me to configure routes/exclusions/groups etc..

    This should be the expected behavior. NEITHER Switch Executive tries to communicate with the instrument before allowing you to configure routes to ensure that there is no problem that would affect the operation of the Switch Executive. In your case the pilot trying to communicate with a non-existent device.

    I would like to configure NI Switch Executive before Pickering delivered cards, is it possible? Can I configure the routing/groups/exclusions without the device being mounted physically switch?

    It is possible that all compatible IVI devices should have the ability to simulate.

    It seems that you have configured your session of IVI driver incorrectly for a simulated device. I try and make sure that in the session driver, under the 'Général' tab, select the drop down menu to "Simulate with" and select 'Specific driver' and then click 'Save the IVI Configuration'. This will return the Pickering driver selected in the 'software' tab and simulate a device. This should allow you to create a virtual device NI Switch Executive and develop and test the code on the simulated instruments.

    I would like to know if you have any other questions.

  • Why IMAP periodically deletes eveerything in my Inbox? What a pain. How can I configure to never delete?

    IMAP periodically deletes everything in my Inbox, and it's a real pain!  How can I configure my office to never delete the messages from the Inbox - I'd like to be the one who decides to delete something.  I checked that my iPad is set to never remove items from the Inbox.  I don't know how to make sure that my office has the same way.

    First of all, nobody here can guess what e-mail program you're talking about.

    Second of all, go on the forum that takes care of this e-mail program.

  • Security log: How can I configure the journal required in a password?

    I have guests at home I don't want to have access to my computer. How can I configure the journal required in a password?

    Hello

    This should help:

    How to Make Windows 7 require a username and password with a Log on
    http://www.SevenForums.com/tutorials/61650-log-user-name-password.html

    If you later want to have auto login:

    How to automatically log on a user account to Windows 7 startup
    http://www.SevenForums.com/tutorials/377-log-automatically-startup.html

    How to automatically log on a user account in Windows 7
    http://pcsupport.about.com/od/Windows7/HT/auto-logon-Windows-7.htm

    I hope this helps.

  • How can I configure Outlook Express automatically download new email messages

    How can I configure the computer automatically download all new e-mail messages without selecting send/receive, when I have Outlook Express on?

    Tools | Options | In general. The arrival of messages every X minutes.

    Tools | Accounts | Mail | Properties | In general. Make sure that "include this account...". "is checked.

  • I want to share folders on my xp pro sp3 PC. How can I configure it so that a login prompt appears when users connect to it as \\ip\shared... ?

    I want to share folders on my xp pro sp3 PC. How can I configure it so that a login prompt appears when users connect to it as \\ip\shared... ?

    Hi Kelvin,

    You can share a folder on your XP by the listed method: http://support.microsoft.com/kb/304040

    Others have an option to connect to your pc as a guest, to make interactive you will need to click on start-> run, type &-> gpedit.msc

    Navigate to Computer Configuration-> Windows settings-> Security-> Security Option settings. On the right side, look for-> ' access network: model sharing and security for local accounts "-> double click and select-> classic-Local user authenticate.

    Now another pc you can access this computer and you will be asked for the username and password.

    I hope this helps.

  • Can I configure SPA3000 or SPA2100 somewhere else?


    Its possible, but you may have problems of implementation.

    You must either know external IP of far-off spa or you must configure an entry system (DDNS) for the outermost dynamic domain name.  A DDNS service is a symbolic name that translates into a current to the external ip address DNS system.  To configure a dynamic dns entry you join a service like DynDNS.com, which gives you a symbolic name for your location.  You determine a technique to keep the IP updated to the service when it changes over time.  The simplest method is to have a router that supports the service and sends a message when your ISP changes your ip address.  Another method is to run a program on a pc that often allows to check the external ip address and notify your service which has changed the ip address.

    You access your remote spa using port number and external ip address.  The default port number is 80, but there is also a setting where you can change the port number to access the card.  It is probably safer to change the port number.  You should also put a password on the access of the user and Admin of the adapter.

    You must send the port number of the adapter into your router access to the adapter, otherwise the router firewall will reject unsolicited incoming packets.

  • How can I configure the WAG120N as a router only?

    How can I configure the WAG120N as a router only because I don't want to use it as a modem and router?

    I want to connect the WAG120N via a cable to a modem that will make the internet connection and only use the WAG120N like a wireless router.

    Thank you for your help.

    How to configure the WAN connection? Which requires your ISP?

    Shows the status page?

    You have a working internet connection with a public IP address if you connect your computer directly to the modem? It works with two different computers?

    If you have cable internet try to use the MAC address cloning feature and clone the MAC address of the computer that has an internet connection when it is connected directly to the modem.

Maybe you are looking for