Bind behind Cisco ASA
Baird, Josh
jbaird at follett.com
Thu Feb 14 16:25:03 UTC 2008
You need UDP/53.
Josh
-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
Behalf Of Beavis
Sent: Thursday, February 14, 2008 10:22 AM
To: Bind-Users-Group
Subject: Re: Bind behind Cisco ASA
I know that this might have something to do with my asa box as well.
I've tried removing "inspect dns migrated_dns_map"
my policy-map has the following
policy-map type inspect dns migrated_dns_map 1
parameters
message-length maximum 512.
I've allowed tcp 53 only on asa, I'm gonna read up and see if I need
something else.
-beavis
On Thu, Feb 14, 2008 at 10:17 AM, Baird, Josh <jbaird at follett.com>
wrote:
> No, our BIND environment sits behind a pair of ASA5520's and we do not
> have any special configuration.
>
> Josh
>
>
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Beavis
>
> Sent: Thursday, February 14, 2008 9:38 AM
> To: Bind-Users-Group
> Subject: Bind behind Cisco ASA
>
>
>
> Guys,
>
> I'm trying to forward BIND behind an asa5510. and I would like to
> ask if there are people that has the same setup. are there any extra
> settings that you've put into named.conf?
>
>
>
> regards,
> -beavis
>
>
>
More information about the bind-users
mailing list