10-27
Cisco ASA Series Firewall CLI Configuration Guide
 
Chapter 10      NAT Examples and Reference
  DNS and NAT
Step 4 Create a network object for the inside IPv6 network, and configure dynamic NAT with a PAT pool.
hostname(config)# object network IPv6_INSIDE
hostname(config-network-object)# subnet 2001:DB8::/96
hostname(config-network-object)# nat (inside,outside) dynamic pat-pool IPv4_POOL
PTR Modification, DNS Server on Host Network
The following figure shows an FTP server and DNS server on the outside. The ASA has a static 
translation for the outside server. In this case, when an inside user performs a reverse DNS lookup for 
10.1.2.56, the ASA modifies the reverse DNS query with the real address, and the DNS server responds 
with the server name, ftp.cisco.com.
Figure 10-22 PTR Modification, DNS Server on Host Network
ftp.cisco.com
209.165.201.10
DNS Server
Outside
Inside
User
10.1.2.27
Static Translation on Inside to:
10.1.2.56
1
2
4
3
Reverse DNS Query
209.165.201.10
Reverse DNS Query Modification
209.165.201.1010.1.2.56
PTR Record
ftp.cisco.com
ASA
Reverse DNS Query
10.1.2.56?
304002