3-33
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 3 Information About NAT
Where to Go Next
Figure 3-26 shows an FTP server and DNS server on the outside. The ASA has a static translation for
the outside server. In this case, when an inside user performs a reverse DNS lookup for 10.1.2.56, the
ASA modifies the reverse DNS query with the real address, and the DNS server responds with the server
name, ftp.cisco.com.
Figure 3-26 PTR Modification, DNS Server on Host Network
Where to Go Next
To configure network object NAT, see Chapter 4, “Configuring Network Object NAT.”
To configure twice NAT, see Chapter 5, “Configuring Twice NAT.”
ftp.cisco.com
209.165.201.10
DNS Server
Outside
Inside
User
10.1.2.27
Static Translation on Inside to:
10.1.2.56
1
2
4
3
Reverse DNS Query
209.165.201.10
Reverse DNS Query Modification
209.165.201.1010.1.2.56
PTR Record
ftp.cisco.com
ASA
Reverse DNS Query
10.1.2.56?
304002