You know I've had similar weirdness with my Pix (6.3) and DNS.

I have 2 internal AD DNS servers and 2 external BIND DNS servers.  The 2
external DNS servers sit outside the PIX and the AD DNS servers obviously sit
behind the PIX on the inside network.

I have a host mail that has a different DNS entry on both internal and
external name servers.  Let's say internally the IP is 10.1.1.10 and
externally 203.132.60.10.  When I am on a host on the internal network and
query the external name server it seems like the response comes from the
internal DNS server...  example below:

I'm trying to resolve mail on the external name server.  When I'm on the
external name server (or outside the Pix) the response is always
203.132.60.10.  However, when I'm on an internal host and do a look up
against the external name server I get 10.1.1.10 as the answer every time!

So it seems like the Pix is grabbing that DNS query and sending it to the
internal name server instead of letting it through...

Any ideas as to why??

Stevo


 wrote in message
news:[EMAIL PROTECTED]
> PIX treats DNS queries a little differently, especially replies.  The
> client has the potential of contacting multiple DNS servers sequentially
> in the event the first one is experiencing some delays.  The PIX keeps
> track of all of them and allows one reply to come back through.  I'm not
> sure if things changed in the version but it's a good idea to check.  HTH
>
> Thanks...............Nabil
>
> "I have never let my schooling interfere with my education."
>
>
> Andrew Larkins
> Sent by: [EMAIL PROTECTED]
> 07/21/2003 09:41 AM
> Please respond to Andrew Larkins
> cc:
> Subject: RE: PIX DNS Issue [7:72685]
>
> Please send the config and we can have a look.
>
> -----Original Message-----
> From: Tunde Kalejaiye [mailto:[EMAIL PROTECTED]
> Sent: 21 July 2003 11:57
> To: [EMAIL PROTECTED]
> Subject: PIX DNS Issue [7:72685]
>
>
> I swapped a router running IOS firewall with a PIX 506e and I have been
> having all sorts of issues. First is the DNS... all clients use an
> internal DNS server which forwards all requests to an external DNS
> server... this works fine with the router, but with the PIX it doesn't
> work. When I configured the clients to use the external DNS server
> everything worked fine. The PIX box is running the 6.3 code.
>
>
> I know I am missing something... but can't figure it out yet... I really
> would appreciate any comments.
>
> regards,
>
> Tunde




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72711&t=72685