Bind behind Cisco ASA
Beavis
pfunix at gmail.com
Thu Feb 14 16:30:26 UTC 2008
hehe :) thanks guys!!...
On Thu, Feb 14, 2008 at 10:27 AM, James E. Pratt <jpratt at norwich.edu> wrote:
> Just stating the obvious, but you need to allow UDP 53 as well.. ;)
>
>
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Beavis
>
> Sent: Thursday, February 14, 2008 11:22 AM
> To: Bind-Users-Group
>
> Subject: Re: Bind behind Cisco ASA
>
>
>
> I know that this might have something to do with my asa box as well.
>
> I've tried removing "inspect dns migrated_dns_map"
>
> my policy-map has the following
>
> policy-map type inspect dns migrated_dns_map 1
> parameters
> message-length maximum 512.
>
> I've allowed tcp 53 only on asa, I'm gonna read up and see if I need
> something else.
>
> -beavis
>
> On Thu, Feb 14, 2008 at 10:17 AM, Baird, Josh <jbaird at follett.com>
> wrote:
> > No, our BIND environment sits behind a pair of ASA5520's and we do not
> > have any special configuration.
> >
> > Josh
> >
> >
> > -----Original Message-----
> > From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> > Behalf Of Beavis
> >
> > Sent: Thursday, February 14, 2008 9:38 AM
> > To: Bind-Users-Group
> > Subject: Bind behind Cisco ASA
> >
> >
> >
> > Guys,
> >
> > I'm trying to forward BIND behind an asa5510. and I would like to
> > ask if there are people that has the same setup. are there any extra
> > settings that you've put into named.conf?
> >
> >
> >
> > regards,
> > -beavis
> >
> >
> >
>
>
>
More information about the bind-users
mailing list