51-17
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter51 Configuring Server Access Settings on Firewall Devices
Configuring DDNS
Configuring DDNS
Dynamic DNS (DDNS) provides IP-address and domain-name mapping updates so hosts can find each
other even though their DHCP-assigned IP addresses may change frequently. Also, beginning with the
version 7.2(3), Cisco security appliances can generate DDNS updates. The DDNS page is where you
configure this feature.
The DDNS mappings are maintained on the DHCP server in two types of resource records (RRs): the
address or A records contain the name-to-IP-address mappings, while the pointer or PTR records map
addresses to host names.
By automatically recording the association between assigned addresses and host names at defined
intervals, DDNS allows frequently changing address-host name associations to be updated frequently.
Mobile hosts, for example, can then move freely on a network without user or administrator intervention.
Navigation Path
(Device view) Select Platform > Device Admin > Server Access > DDNS from the Device Policy
selector.
(Policy view) Select PIX/ASA/FWSM Platform > Device Admin > Server Access > DDNS from
the Policy Type selector. Select an existing policy from the Shared Policy selector, or create a new
one.
Field Reference
DNS Server The IP address, or the host network/host object that defines the address,
of the DNS server. Enter the address or click Select to select the
network/host object from a list or to create a new object.
Table51-15 Add DNS Server Dialog Box (Continued)
Element Description
Table51-16 DDNS Page
Element Description
Dynamic DNS Interface
Settings
This table lists currently defined DDNS interface-update methods. Use
the Add Row, Edit Row, and Delete Row buttons below the table to
manage these methods; the Add Row and Edit Row buttons open the
Add/Edit DDNS Interface Rule Dialog Box, page 51-18.
DHCP Client requests DHCP
Server to update records
The global setting on the appliance for DHCP client update requests.
This option enables the client to send DDNS updates via the DHCP
server, and specifies what is updated: the PTR resource record, both the
A and PTR resource records, or neither. Choose Not Selected, Only
PTR Record, Both A and PTR Record, or No Update.
DHCP Client ID Interface Specify the interface(s) for global DHCP client update requests: enter
an interface name or IP address, or Select an interface object.
Enable DHCP Client
Broadcast
Select this option to allow DHCP clients on the device to broadcast
DDNS updates. Available on ASA/PIX 7.2(3)+ devices only.