Unreal Cisco IOS NAT DNS Issue

[rleestma]

Wow. I just got a new 2811 from Cisco, and have the following setup...

5 public IP's
tons of private IP's

I have two dns servers sitting behind the router on private IP's...

OK, here's the problem... as soon as I enable outgoing NAT NO EXTERNAL HOST CAN QUERY MY DNS SERVER! If I have just

nat inside source static tcp 192.168.1.201 53 xxx.xxx.xxx.xxx 53
nat inside source static udp 192.168.1.201 53 xxx.xxx.xxx.xxx 53

it works fine.... BUT, I NEED Outgoing NAT...

My relevant lines are:

Ip nat pool Publics XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX netmask 255.255.255.248
Ip nat inside source list Anything pool Publics overload
ip access-list extended Anything
permit ip any any

Cisco has been stumpted, I've talked to 3 senior engineers on 3 different continents, along with a host of suboordinate techies...

I'm hoping someone here has the solution.

Thanks,

Ryan

 

[rudeboy]

Silly question, but the DNS Server's public IP isn't in the Nat Pool is it?

 

[rleestma]

No...

Any other ideas?

 

[dearingkr]

Ok, stupid question...

Why would you want any external host to query your internal DNS server????

I can't think of a reason

MCSE CCNA CCDA

 

[rleestma]

I'm hosting domains...

Ryan

 

[ChrisAC]

Can you post a "sh ip nat trans"?

Chris.

**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************