10-27
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 10 NAT Examples and Reference
DNS and NAT
Step 4 Create a network object for the inside IPv6 network, and configure dynamic NAT with a PAT pool.
hostname(config)# object network IPv6_INSIDE
hostname(config-network-object)# subnet 2001:DB8::/96
hostname(config-network-object)# nat (inside,outside) dynamic pat-pool IPv4_POOL
PTR Modification, DNS Server on Host Network
The following figure shows an FTP server and DNS server on the outside. The ASA has a static
translation for the outside server. In this case, when an inside user performs a reverse DNS lookup for
10.1.2.56, the ASA modifies the reverse DNS query with the real address, and the DNS server responds
with the server name, ftp.cisco.com.
Figure 10-22 PTR Modification, DNS Server on Host Network
ftp.cisco.com
209.165.201.10
DNS Server
Outside
Inside
User
10.1.2.27
Static Translation on Inside to:
10.1.2.56
1
2
4
3
Reverse DNS Query
209.165.201.10
Reverse DNS Query Modification
209.165.201.1010.1.2.56
PTR Record
ftp.cisco.com
ASA
Reverse DNS Query
10.1.2.56?
304002
To Next Page
Loading...
