Yes, I did (and I posted to the newsgroup).
Here it is again...
The "due to DNS response" syslog message in a deny statement means that the
PIX Firewall DNS Guard feature is in effect and the message indicates slow
response from the DNS server. When the response is slow, the PIX Firewall
sends a second DNS inquiry, the first returns, and the second gets denied
and logged.
The above paragraph was taken directly from the Cisco webpage:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v41/pixrn417.h
tm
Watch the wrap.
Not sure which version it started in, but it is in the majority of PIX code.
HTH,
Eric
-----Original Message-----
From: Allen May [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 11:25 AM
To: Pierre-Alex GUANEL
Subject: Re: PIX / DNS [7:20518]
Did you get an answer for that? I'd be interested in knowing what it was as
well.
Allen
----- Original Message -----
From: "Pierre-Alex GUANEL"
To:
Sent: Thursday, September 20, 2001 5:41 AM
Subject: PIX / DNS [7:20518]
> Has anyone seen this before ("due to DNS Response")?
>
> How do I see details on the DNS response that was denied (packet coming on
> the external interface of the firewall I presume)?
>
> 106007 Deny inbound UDP from 208.145.207.71/9597 to 10.1.1.51/1077 due
> to DNS Response
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20572&t=20518
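
An added example, not part of the thread and not Cisco code: a small triage script that counts the "due to DNS Response" denies per outside source. Per the Cisco note quoted above, repeated denies from one source point to a slow DNS responder rather than to hostile traffic. The function names and the threshold of 2 are assumptions, and the sample log is constructed around the one line posted in the thread.

```python
import re
from collections import defaultdict

# Message body as quoted in the thread; search() skips any syslog prefix.
DENY_RE = re.compile(
    r"106007:?\s+Deny inbound UDP from (\d{1,3}(?:\.\d{1,3}){3})/(\d+)"
    r"\s+to\s+(\d{1,3}(?:\.\d{1,3}){3})/(\d+)\s+due to DNS Response",
    re.IGNORECASE,
)

def parse_deny(line):
    """Return (server, server_port, client, client_port), or None if no match."""
    m = DENY_RE.search(" ".join(line.split()))  # collapse wrapped whitespace
    if m is None:
        return None
    server, sport, client, cport = m.groups()
    return server, int(sport), client, int(cport)

def slow_servers(lines, threshold=2):
    """Map each outside source with >= threshold denied DNS responses to
    (count, sorted inside hosts that were waiting on it)."""
    hits = defaultdict(list)
    for line in lines:
        rec = parse_deny(line)
        if rec:
            hits[rec[0]].append(rec[2])
    return {
        server: (len(clients), sorted(set(clients)))
        for server, clients in hits.items()
        if len(clients) >= threshold
    }

# Constructed sample log: the first entry is the line from the thread, the
# rest are made up (192.0.2.53 is a documentation address).
SAMPLE_LOG = [
    "106007 Deny inbound UDP from 208.145.207.71/9597 to 10.1.1.51/1077 due to DNS Response",
    "106007 Deny inbound UDP from 208.145.207.71/9597 to 10.1.1.51/1080 due to DNS Response",
    "106007 Deny inbound UDP from 208.145.207.71/9597 to 10.1.1.60/1203 due to DNS Response",
    "106007 Deny inbound UDP from 192.0.2.53/53 to 10.1.1.51/1091 due to DNS Response",
    "unrelated line that is not a 106007 deny",
]

if __name__ == "__main__":
    for server, (count, clients) in slow_servers(SAMPLE_LOG).items():
        print(f"{server}: {count} late DNS responses denied, inside hosts {clients}")
```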