Cisco ASA Series Cli Configuration Manual page 775
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Chapter 1
Information About NAT
and translates the address inside the DNS reply to 10.1.3.14. If you do not enable DNS reply
modification, then the inside host attempts to send traffic to 209.165.201.10 instead of accessing
ftp.cisco.com directly.
Figure 1-22
3
DNS Reply Modification
209.165.201.10
Figure 1-23
the DMZ network, from an outside DNS server. The DNS server replies with the mapped address
(209.165.201.10) according to the static rule between outside and DMZ even though the user is not on
the DMZ network. The ASA translates the address inside the DNS reply to 10.1.3.14. If the user needs
to access ftp.cisco.com using the real address, then no further configuration is required. If there is also
DNS Reply Modification, DNS Server on Outside
1
DNS Query
ftp.cisco.com?
2
DNS Reply
209.165.201.10
10.1.3.14
4
DNS Reply
10.1.3.14
shows a user on the inside network requesting the IP address for ftp.cisco.com, which is on
DNS Server
Outside
Security
Appliance
Inside
ftp.cisco.com
User
10.1.3.14
Static Translation
on Outside to:
209.165.201.10
5
FTP Request
10.1.3.14
Cisco ASA Series CLI Configuration Guide
DNS and NAT
1-29
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
