Filter
Top Products
13-9
Cisco ASDM User Guide
OL-16647-01
Chapter 13 DHCP, DNS and WCCP Services
DNS Client
DNS Client
The DNS Client pane shows the DNS server groups and DNS lookup information for the security
appliance, so it can resolve server names to IP addresses in your Clientless SSL VPN configuration or
certificate configuration. Other features that define server names (such as AAA) do not support DNS
resolution. In those cases, you must enter the IP address or manually resolve the name to an IP address
by adding the server name in the Network Object Groups pane.
Fields
• DNS Server Groups—Displays and manages the DNS server list. There can be up to six addresses
to which DNS requests can be forwarded. The security appliance tries each DNS server in order until
it receives a response. You must enable DNS on at least one interface in the DNS Lookup area before
you can add a DNS server. The contents of the table in this area are as follows:
–
Name—Display only. Shows the name of each configured DNS server group.
–
Servers—Display only. Shows the IP addresses of the configured servers.
–
Timeout—Display only. Shows the number of seconds to wait before trying the next DNS server
in the list, between 1 and 30 seconds. The default is 2 seconds. Each time the security appliance
retries the list of servers, this timeout doubles.
–
Retries—Display only. Shows the number of seconds to wait before trying the next DNS server
in the list.
–
Domain Name—Display only. Shows the number of times the security appliance retries the
request.
• DNS Lookup—Enables or disables DNS lookup on an interface.
–
Interface—Display only. Lists all interface names.
–
DNS Enabled—Display only. Shows whether an interface supports DNS lookup, Yes or No.
–
Disable—Disables DNS lookup for the selected interface.
Modes
The following table shows the modes in which this feature is available:
Add/Edit DNS Server Group
The Add or Edit DNS Server Group pane lets you specify or modify one or more DNS servers for the
security appliance so it can resolve server names to IP addresses in your Clientless SSL VPN
configuration or certificate configuration. Other features that define server names (such as AAA) do not
support DNS resolution. For those, you must enter the IP address or manually resolve the name to an IP
address by adding the server name in the Network Object Groups pane.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• • • •—