Cisco ASA 5505 User Manual

Page 580

Advertising
background image

29-26

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 29 Information About NAT

DNS and NAT

a static rule between the inside and DMZ, then you also need to enable DNS reply modification on this
rule. The DNS reply will then be modified two times.In this case, the ASA again translates the address
inside the DNS reply to 192.168.1.10 according to the static rule between inside and DMZ.

Figure 29-23

DNS Reply Modification, DNS Server, Host, and Server on Separate Networks

DNS Server

Outside

Inside

User

1

2

3

5

6

DNS Reply Modification 1

209.165.201.10

10.1.3.14

7

Translation

10.1.3.14

4

DNS Reply Modification 2

10.1.3.14

DNS Reply

209.165.201.10

DNS Reply

DNS Query

ftp.cisco.com?

FTP Request

ASA

ftp.cisco.com

10.1.3.14

Static Translation 1

on Outside to:

209.165.201.10

Static Translation 2

on Inside to:

192.168.1.10

192.168.1.10

192.168.1.10

192.168.1.10

192.168.1.10

DMZ

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals