Filter
Top Products
17-8
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 17 Configuring Basic Settings
Configuring the DNS Server
For information about dynamic DNS, see the “Configuring Dynamic DNS” section on page 19-2.
Prerequisites
Make sure that you configure the appropriate routing for any interface on which you enable DNS domain
lookup so you can reach the DNS server. See the “Information About Routing” section on page 24-1 for
more information about routing.
Step 1 In the ASDM main application window, choose Configuration > Device Management > DNS > DNS
Client.
Step 2 In the DNS Setup area, choose one of the following options:
• Configure one DNS server group.
• Configure multiple DNS server groups.
Step 3 Click Add to display the Add DNS Server Group dialog box.
Step 4 Specify up to six addresses to which DNS requests can be forwarded. The ASA tries each DNS server
in order until it receives a response.
Note You must first enable DNS on at least one interface before you can add a DNS server. The DNS
Lookup area shows the DNS status of an interface. A False setting indicates that DNS is
disabled. A True setting indicates that DNS is enabled.
Step 5 Enter the name of each configured DNS server group.
Step 6 Enter the IP addresses of the configured servers, and click Add to include them in the server group. To
remove a configured server from the group, click Delete.
Step 7 To change the sequence of the configured servers, click Move Up or Move Down.
Step 8 In the Other Settings area, enter the number of seconds to wait before trying the next DNS server in the
list, between 1 and 30 seconds. The default is 2 seconds. Each time the ASA retries the list of servers,
the timeout time doubles.
Step 9 Enter the number of seconds to wait before trying the next DNS server in the group.
Step 10 Enter a valid DNS domain name for the group of configured servers.
Step 11 Click OK to close the Add DNS Server Group dialog box.
The new DNS server settings appear.
Step 12 To change these settings, click Edit to display the Edit DNS Server Group dialog box.
Step 13 Make your desired changes, then click OK to close the Edit DNS Server Group dialog box.
The revised DNS server settings appear.
Step 14 To enable a DNS server group to receive DNS requests, click Set Active.
Step 15 In the DNS Guard area, to enforce one DNS response per query, check the Enable DNS Guard on all
interfaces check box. If DNS inspection is enabled, this setting is ignored on the selected interface.
Step 16 Click Apply to save your changes, or click Reset to discard those changes and enter new ones.