Last night I unplugged our old 6Meg bonded T1s from our Cisco ASA 500 and configured the ASA with our new public IP addresses and gateway for our new 10Meg service from another ISP. We haven't had to change ISPs in almost 10 years. I successfully configured the firewall and the new internet service came online immediately. After going in and making sure the access lists were correct, I checked my DNS server. I could only find a few references to the old IP address under Reverse Lookup Zones under the 13.xxx.63.in-addr.arpa (that 13.xxx.63 being the first 3 segments of our old IP). There are 4 static PTR records that reference our mail server but I can't edit them. Do I need to make a new zone in Reverse Lookup Zones with our new IP (xx.xxx.xx.in-addr.arpa)? Our Exchange is hosted onsite and my MX records updated pretty quickly.

Is there anything I need to do in DNS?

Thanks!

ItsPronounced

1 Answer

The only reason you would have to do internal DNS is if you were for some reason referencing the external IP address of an internal device on purpose. If, for some reason and I can't think of any off the top of my head, you wanted to go outside of your network in order to "loopback" in, then you would need, if referencing by name, to update internal records.

The only thing that might need to change is your Exchange server settings. I am not positive on this, but you could potentially have settings in there referencing your old external IP, though it would probably be an abnormal circumstance that would cause you to do so since filtering would be done by other devices.

  • Thank you, I've only had 1 issue this morning where an email bounced back (to an international customer) saying `No RDNS entry for xx.xxx.xx.xx` (our new public IP). Not sure if it's related or not. – ItsPronounced Jul 12 '13 at 14:41
  • You need to get on your ISP about setting up Reverse DNS for your new external IP addresses. I know that I had an issue with that, and it takes some work sometimes to get the reverse done. They have to be done by the "owner" of the IP address, which could be your ISP, or the company that gives your ISP its data. It's much more of a pain to get those set up than to do the forward records. I'd start with contacting your ISP, and do so quickly as you will see bounce backs happen more often. – Renegade91127 Jul 12 '13 at 14:48
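
An added example, not part of the original thread: a check you can run after the ISP says the PTR is in place. It reports whether the new public IP has no reverse record (the `No RDNS entry` bounce above), a PTR that does not resolve back to the same IP, or forward-confirmed reverse DNS, which goes one step beyond the PTR's mere existence. The addresses and hostnames are constructed placeholders from documentation ranges, and the function names are this example's own.

```python
import ipaddress
import socket

def ptr_name(ip):
    """Owner name of the PTR record, e.g. 25.113.0.203.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer

def system_ptr(ip):
    """PTR lookup via the system resolver; [] when no record exists."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except (socket.herror, socket.gaierror):
        return []

def system_forward(host):
    """A/AAAA lookup via the system resolver; set of address strings."""
    try:
        return {i[4][0].split("%")[0] for i in socket.getaddrinfo(host, None)}
    except socket.gaierror:
        return set()

def check_rdns(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Classify reverse DNS for a mail server's public IP.

    'missing'   : no PTR at all (what the bounce message complained about)
    'mismatch'  : PTR exists, but none of its names resolves back to the IP
    'confirmed' : at least one PTR name resolves back to the IP
    """
    addr = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr_lookup(ip)]
    if not names:
        return "missing", []
    confirmed = [n for n in names
                 if any(ipaddress.ip_address(a) == addr for a in forward_lookup(n))]
    return ("confirmed" if confirmed else "mismatch"), (confirmed or names)

# Constructed sample data so the example runs offline.
SAMPLE_PTR = {"203.0.113.25": ["mail.example.com."],
              "203.0.113.26": ["host26.isp.example."]}
SAMPLE_A = {"mail.example.com": {"203.0.113.25"},
            "host26.isp.example": {"198.51.100.7"}}

def demo(ip):
    return check_rdns(ip, lambda i: SAMPLE_PTR.get(i, []),
                      lambda h: SAMPLE_A.get(h, set()))

if __name__ == "__main__":
    for ip in ("203.0.113.25", "203.0.113.26", "203.0.113.27"):
        print(ip, ptr_name(ip), *demo(ip))
```

Calling `check_rdns("<your new public IP>")` with no other arguments uses the system resolver, so run it from a host outside the network to see what remote mail servers see.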