redirect dns requests to opendns on PIX 501 (v6.3)?

Tags: Cisco networks, Cisco PIX Firewall, DNS configuration, Networking, PIX 6.3
I have a remote factory location that connects back to our home plant to get dns resolution. Most of the systems are configured to look to the PIX firewall at that location, and/or our dns server at the main facility via a point-to-point network setup we have. What I would like to do is have the PIX intercept each dns request, and redirect them to go to opendns' dns servers and not our internal one. I've tried a few things with 'static' entries, but I'm not getting anywhere. Any help?

Answer Wiki


Why?

Sure, I guess why, but you can configure your own (I’d not say internal) DNS server to resolve differently to different clients using “zones”. Zones could be “internal” – for clients in your main facility, e.g. with IPs 10.0.0.0/22; “remote” – for factory location, e.g. with IPs 192.168.0.0/24 (sure, you have to have some tunneling in place, terminated on PIX), and “external” – for all others – though, from your scenario (redirecting “remote” to opendns servers) I’d guess you need just internal and external zones.

Good luck,

Petko
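
The per-client resolution described in the answer above, sketched as an added example that is not part of the original answer. It assumes the main-site DNS server is BIND (where this feature is called views) and that the factory clients reach it over the existing point-to-point link; the subnets are the example ranges from the answer, the zone name and file are hypothetical, and the forwarders are the OpenDNS public resolvers.

```conf
// named.conf fragment (added example, assumes BIND 9 on the main-site server)

// Client groups, using the example ranges from the answer.
acl "internal" { 10.0.0.0/22; };     // main facility
acl "remote"   { 192.168.0.0/24; };  // factory location

options {
    directory "/var/named";
    // Only the two known client groups may query this server, so it
    // cannot be used as an open resolver from anywhere else.
    allow-query { internal; remote; };
};

// Views are matched in order; the first view whose match-clients
// contains the source address answers the query.
view "remote" {
    match-clients { remote; };
    recursion yes;
    // Send everything from factory clients to OpenDNS and never
    // fall back to resolving from the root servers.
    forward only;
    forwarders { 208.67.222.222; 208.67.220.220; };
};

view "internal" {
    match-clients { internal; };
    recursion yes;
    // Hypothetical internal zone, visible to main-facility clients only.
    zone "corp.example" {
        type master;
        file "db.corp.example";
    };
};
```

Once any view is defined, every zone must live inside a view, and `named-checkconf` will flag a zone left at the top level.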

Discuss This Question: 3  Replies

 
  • Koohiisan
    We don't have a server at this location, and no one is willing to spend any $ to put one there. So, I'm just looking to solve this with a simple kludge. I may have to simply change each machine there to use the new dns address instead, but I was hoping for a simpler solution.
  • petkoa
    So, if you can resolve the issue by changing DNS settings on every PC at the remote location, it means you also don't have dhcp there. Well, isn't it time to arrange a VPN tunnel to your main site - I believe PIX can do it and configure remote machines by the main site dhcp server? It could be a little risky not to have a local (backup) dhcp there, but anyway might be worth trying... As for redirection of the dns requests to an outer site - I'm not sure it'd be possible at all.
  • Chippy088
    I think it would be more useful to set up dhcp and dns resolution on the remote local router? Unless there are circumstances that prevent it, it would mean that the queries would be resolved with the minimum of redirection.
