Internal DNS Resolution

Similar Messages

• Internal DNS resolution issue - almost all external sites working

  I administer an Xserve running 10.5.8 Server. This client is running internal DNS due to a few internal services (iChat, mail, VPN, etc) - but his website, of the same domain, is hosted externally at a hosting provider. This is where I'm running into odd problems. For examples:
  ichat.company.com - 10.0.1.100 (when inside the network, also has FQDN on Internet)
  mail.company.com - 10.0.1.100 (same as above)
  www.company.com - xxx.xxx.xxx.xxx (the actual public IP address of the web server at the host)
  Do I need to do it this way? If I don't define the "www" record internally, and point it to the external IP of the hosting provider for the website, the clients inside the network can't see the website, because the internal domain services aren't answering the "www" question and won't hand off to the internet records. It's frustrating because every time the client has a subdomain added to his website, i have to add a record on his internal DNS or it won't resolve at his office. example:
  newdomain.company.com - xxx.xxx.xxx.xxx (public IP of the web host, or it fails)
  Is there a way to have internal DNS for a domain answer most but not all questions for the domain?
  - Bill

  Just as an aside, you could potentially setup a subdomain for the internal systems, e.g. 'corp.company.com' and setup the internal services in this domain - ichat.corp.company.com, mail.corp.company.com, etc.
  Then to get to the internal systems users use those .corp.company.com hostnames and the rest of .company.com gets sent upstream.
  It may or may not be sufficient for your needs. This kind of model works well for static users that only work in the office but may not work so well for mobile users.

• Problem: Slow Intranet Sites/Internal DNS Resolution for only AD Users

  Hello,
  We are experiencing a very odd problem.
  Any and All Active Directory users are experiencing very slow intranet sites.
  We are a school corporation, so this is affecting our Student Information System, as it is entirely web-based and locally hosted.
  All of our Domain Controllers are Windows Server 2012 R2, with all the latest critical updates.
  All client workstations are Windows 8.1 Professional.
  The problem occurs with ALL web browsers (IE, Chrome, FF, etc)
  All DNS queries respond in <1 ms (no matter whether we are logged in as AD User or local computer user).
  If we login as local computer user, we have blazing fast intranet sites/DNS resolution.
  If we login as AD user, everything crawls again... every click on the intranet site spins and says loading for up to 15 seconds.
  If we add the the intranet site to the local computer HOST file, it is blazing fast, just as if we logged on as local computer user.
  If we take it back out of the HOST file, it drags again.
  I am totally stumped!
  Any help is appreciated.
  Thanks!

  Hi,
  How are DNS settings configured?
  If there are any public DNS IP addresses in Preferred or Alternate field, please remove them, then input these DNS entries in the Advanced section. We should only configure Domain Controllers’ IP addresses on Preferred
  and Alternate DNS server section for domain-joined machines.
  More information for you:
  Active Directory’s Reliance on DNS, and using an ISP’s DNS address
  http://blogs.msmvps.com/acefekay/2009/08/17/ad-and-its-reliance-on-dns/
  Best Regards,
  Amy

• DNS resolution on Anyconnect - multiple different internal DNS servers

  All,
     We have multiple different internal windows AD domains within our network, that currently do not replicate their DNS zones between them.
  Is there anyway with an ASA/anyconnect VPN to create a configuration so the ASA inspects the DNS lookups from a user connected via the anyconnect VPN client, and route it to a defined internal DNS server?
  For example I have three internal AD domains site1.com with a dns server ip of 1.1.1.1 , site2.com 2.2.2.2, site3.com with a dns server ip of 3.3.3.3, when a user VPN's in and performs a dns lookup for the name server1.site1.com the ASA see's it is for site1.com and routes the lookup to 1.1.1., however when a user performs a dns lookup for server1.site2.com, the asa see's its is fro site2.com and routes the DNS lookup to 2.2.2.2.
  Any thoughts on alteratives to over come the problem also welcome and/or if anyone can point me to a link that explains the function of "mulitple DNS server groups, which is located in the ASDM interface under Remote Access VPN->DNS (as I have not been able to find a plain english explanation of the function as I am unsure if this does what I am looking for)
  Thanks

  Hi Dominick,
  I have a solution for your problem. You will need to log into the CLI of the WSA and issue the following commands:
  s370r01.csw> dnsconfig
  Currently using the local DNS cache servers:
  1. Priority: 0  10.9.8.8
  Choose the operation you want to perform:
  - NEW - Add a new server.
  - EDIT - Edit a server.
  - DELETE - Remove a server.
  - SETUP - Configure general settings.
  - SEARCH - Configure DNS domain search list.
  []> localhosts <----- Hidden Command
  Local IP to Host mappings:
  Choose the operation you want to perform:
  - NEW - Add new local IP to host mapping.
  - DELETE - Delete an existing mapping.
  []> new
  Enter the IP address of the host you are adding.
  []> 10.1.1.1 < -------- IP of the M series
  Enter the canonical host name and any additional aliases (separate values with spaces)
  []> Host name of the M series. Hit enter until you get back to the command prompt and type commit then enter.
  Sincerely,
  Erik Kaiser
  WSA CSE
  WSA Cisco Forums Moderator

• DNS-resolution doesn't work with VPN

  Hello,
  I setup a l2tp vpn connection in the iPhone and nearly all works perfectly. But the most important part doesn't work: The DNS-resolution after connecting to the VPN.
  It's possible to send pings over the 'ping'-App and I also can ping the iPhone from the network. Safari also works with IP-Adresses. But when I try to use a hostname the resolution fails. Equally for internal and external addresses.
  On my MacBook Pro the VPN works and Mac OS is able to resolv hostnames. So the server should be alright.
  So I think there is a bug in the resolver-part of iPhone OS. Please fix this Apple.
  Kind regards,
  lord-of-linux

  Thanks for your hint to send this as a bug report. But today I had time and continued testing and changed some settings of my l2tp-Server and now I's working fine. I don't know where I had the mistake, but it seems that it was my fault.
  Now the only problem I have to solve is access over NAT, but this is not iPhone specific.

• RV082 - Slow DNS Resolution

  Greetings Gang,
  Have an RV082 v1.1 FW 1.3.98-tm that has been rock solid for a couple of years and is now, suddenly, experiencing dead crawl DNS resolution.
  No changes in configuration prior to the behavior starting. Tried rebooting the unit, no changein behavior.
  There's an internal DNS server that resolves internal resources, but everything else gets pushed to the RV082.
  I've tried Comcast, Verizon and Google DNS servers at the router level, and the results are the same -- so that rules out the DNS servers themselves.
  Change the DNS servers at the NIC level on a wrokstation, and resolution occurs quickly and reliably.
  I'm looking to reset to Factory Default and reload the configuration and likely upgrade to FW 2.0.0.19-tm or 2.0.2.01-tm but I do see similar issues reported with those firmwares, and moreover, in a mixed Mac/PC environment.
  Was wondering if anyone else has experienced these issues, could identify a root cause and resolution.
  Thanks,
  Jorge

  Probably just corruption, which can happen every so often.  A couple of years in service rock-solid is really great.
  I experienced similar problems with my rv016s when my ISP changed their backend carrier equipment.  I was never able to fix the issue, so I had to reboot them every 8hrs.
  I wouldn't upgrade unless you HAVE to.  You'll more than likely run into other bugs that breaks your current configuration, even if it's just a site-to-site VPN (I've been there, done that).
  Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

• DNS Resolution in Cisco ASA 5525

  Hey all,
  I will begin by telling you what my end goal is, I am trying to block specific websites on our cisco ASA 5525 using FDQN. I know that this functionality for DNS resolution was not implemented until a specific version.
  Current Version: Cisco ASA 5525
  ASA Version: 8.6(1)
  I can ping external addresses from the ASA however I cannot ping hostnames like "ping google.ca" does not work.
  What I've done.
  dns domain-lookup inside
  dns domain-lookup outside
  name-server x.x.x.x (Primary internal dns server)
  name-server x.x.x.x (Secondary internal dns server)
  name-server 8.8.8.8 (Google external dns server)
  name-server 8.8.4.4 (Google external dns server)
  domain-name example.com
  With this config I can, however, ping hostnames of internal servers.
  This is an example of me pinging an external hostname.
  ciscoasa# ping google.ca
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 2607:f8b0:4009:803::101f, timeout is 2 seconds:
  No route to host 2607:f8b0:4009:803::101f
  Success rate is 0 percent (0/1)
  Any ideas?
  Thanks!

  officeasa# ping www.google.com
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 2607:f8b0:4009:802::1012, timeout is 2 seconds:
  No route to host 2607:f8b0:4009:802::1012
  Success rate is 0 percent (0/1)
  John, due to the sensitive nature displayed within show route output, is there any other information I can tell you, what exactly did you need to see from this information?
  (I know without certain information you cannot help but I need to ensure security on my end)
  Thanks for understanding.

• Office 365 Internal DNS issues

  I have recently started doing some migrations from a hosted exchange 2007 server onto office 365 and have ran into some issues. 
  Since we have alot of users still using the hosted exchange (slowly moving users over 1 by 1 to 365) I have not fully turned off the local server and therefore had some issues with the autodiscover when setting up my email in outlook 2013.  
  I instead used the domain and email given to me by microsoft (the <user>@<name>.onmicrosoft.com)   This at the least allowed me to be able to add my user and sync my email, but it presented me with another issue. Outlook and now lync ask
  me for credentials every few mins.  I can cancel the password prompt and give it a few then it will start syncing again. 
  After some research i found that it may be my internal DNS preventing seamless communication. I added the CNAME and SRV records to my local server and the issue still presents itself. 
  Anyone run into this issue and have a resolution? I have tried killing my local credentials on the machine im using outlook on just in case, and verified with all the proper office tools that the autodiscover service is working.  I have synced up my
  phone in seconds with no issues as well. 
  Any input would be great! 
  Thanks! 

  Since we have alot of users still using the hosted exchange (slowly moving users over 1 by 1 to 365)
  You really don't need to do this one by one, Office 365 will take care of most things. You might want to take a look at this article for a step by step guideline of how to migrate from Exchange 2007 to Office 365:
  http://blogs.technet.com/b/canitpro/archive/2013/11/20/step-by-step-migrating-from-exchange-2007-to-office-365.aspx
  Anyway, for the specific issue you met, I would suggest you to post in the forum of
  Office 365 Community.
  This forum focuses on questions and feedback for Microsoft Office client. There is not so much about Office 365 Admin\hosted\plan\Cloud aspects here.
  The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding.
  Regards,
  Ethan Hua
  TechNet Community Support
  It's recommended to download and install
  Configuration Analyzer Tool (OffCAT), which is developed by Microsoft Support teams. Once the tool is installed, you can run it at any time to scan for hundreds of known issues in Office
  programs.

• SCOM 2012 SP1 - DNS Resolution failure alert

  Hi,
  Our customers are receiving bogus DNS resolution failure alerts though the site is rendering fine from the watcher node.Nslookup shows the name resolves after first or 2nd timeout and this behavior is expected in some of our internal name space that have a
  long resolution path.Is SCOM perform an nslookup first?What is the default DNS resolution time SCOM use? I'm trying to set higher threshold for DNS Resolution time in custom monitor to mitigate this.Users doesn't want to disable the DNS resolution monitor
  and looking for a permanent fix.This issue has been going on a while in our environment. Any help would be much appreciated. Our SCOM is 2012 sp1 CU4.
  C:\Users\admin>nslookup xxxx
  Server:  abc.contosso.com
  Address:  10.4.5.6
  Non-authoritative answer:
  DNS request timed out.
      timeout was 2 seconds.
  Name:    abc.xyz.contosso.com
  Address:  10.2.3.4
  Aliases:  abc.xyx.contosso.com
  Thanks,

  Thanks.As a temporary mitigation, I have disabled the DNS Resolution Failure Monitor for the url to stop the false alert and it worked so far but it started again and this time it alerted for the error code failure.It appears DNS resolution failure is the
  culprit .Any insight why error code failure monitor is additionally checking for DNS resolution failures? The DNS Resolution Failure monitor is already in disabled state.Any way we can disable this DNS checks without disable error code failure monitor?
  Error Code Failure health explorer,
  Base Page (show/hide details)
  HTTP Status Code
  0
  Unreachable
  false
  Error Code
  2147954407
  DNS Resolution Failure
  true
  DNS Resolution Time (seconds)
  0
  TCP Connect Time (seconds)
  0
  Time To First Byte (seconds)
  0
  Time To Last Byte (seconds)
  0
  Redirect Time (seconds)
  0
  Download Time (seconds)
  0
  Total Response Time (seconds)
  0
  Content Size (bytes)
  0
  Secure Failure Code
  0

• AD DNS resolution Issue for specific Site

  Hello Experts,
  Currently I am facing issue for DNS Resolution.
  I have 2 Sites
  Site A(2003 R2 DC) & Site B(2008 R2 ADC)
  my domain name is abc.co.in
  and I have another forwardlookup zone abcl.com (mail.abcl.com/Dev.abcl.com)
  I am able to resolve host recoreds for abc.co.in & abcl.com from site A
  I am facing issue for Site B
  unable to resolve A records for mail.abcl.com
  when I am trying to resolve using
  ============================================================
  nslookup mail.abcl.com 192.168.0.5 (Site B ADC)
  getting below output
  Server : adc01siteB.abc.co.in
  Address : 192.168.0.5
  Non autoritative answer :
  Name : com.co.in
  address : 192.254.185.209
  Aliases : mail.abcl.com.co.in
  ==============================================================
  mail.abcl.com - 192.168.0.11 (Actual Internal A record)
  I want to know why this trying to resolve from external DNS (192.254.185.209)
  your help / pointers will be appreciable
  R Udeg

  Is your settings for site B the same for site A in the DNS Server properties?
  Did you make sure that UDP and TCP port 53 is open both ways?
  Did you make sure all resource records have been updated?
  Did you flush the cache/ scavenging happened?
  Did you check the DNS forwaders and recursion?
  Remember if a DNS server fails to resolve a name for which it is not authoritative, the cause is usually a failed recursive query. Recursive queries are used frequently by DNS servers to resolve remote names that are delegated to other DNS zones and servers.
  Note: If you disable recursion on the DNS server, you will not be able to use forwarders on the same server.

• DNS in DHCP Pool (Internal DNS issue)

  I know that we can setup multiple DNS server under DHCP pool. But I like to make sure the order.
  I have multiple branch offices.
  Let us say that Branch 1 office has a router with 10.30.1.1 as default gateway.
  Our internal DNS is 10.0.0.1 and 10.0.0.2 as Pri and Sec.
  My order of DNS server is like below.
  1. gateway
  2. internal DNS
  3. public DNS provided by ISP
  I saw couple of issues that when I put internal DNS first. Particular situation is when IPsec is not working, users could not access internet through domain name because they had internal DNS which is not reachable.
  But, when gateway is first order, I am not sure whether user are able to access internal website because gateway DNS doesn't have internal DNS records.
  So, my question is that. what should be the best order for DNS setup under DHCP among default gateway, internal DNS and public DNS?  Our current setup doesn't have even gateway address, it only has internal DNS addresses only.      
  ip dhcp pool ccp-pool1
  network 10.30.1.0 255.255.255.0
  domain-name test.org
  default-router 10.30.1.1
  netbios-name-server 10.30.1.1
  dns-server  10.30.1.1 10.0.0.1 10.0.0.2 24.25.5.60

  Thank you, Richard.
  You are right. when I setup router IP for DNS server in DHCP pool. it did not work.
  Let me ask regarding external DNS forwarding.
    I like to know the process of exteranl DNS.
  User --> Internal website --> OK with internal DNS
  User --> External website --> Internal DNS forwarding to External DNS
  We have our own external DNS (ns), in this case, if external DNS (ns) is down, every branch users are not able to resolve any external IP because internal DNS can't get reply from external DNS?
  2nd question)
  IPsec is split-tunneled, but in this case, every DNS request goes internal DNS which is located in HQ and goes back through IPsec? Usually Split tunnel doesn't go internet traffic through IPsec but internet directly.
  3rd Question)
  what is for ip name-server x.x.x.x   when I setup ip name-server 8.8.8.8 and I tried to ping 8.8.8.8 from router, it didn't work. Am i missing something?
  https://supportforums.cisco.com/thread/230711
  Thanks for your time and knowledge.

• Internal DNS - emailsrvr.mydomain won't resolve, IP does - www works.

  Internal Mail won't resolve to emailserver domain, but LAN ip is fine
  Hey gang, longtime reader first time poster.
  After wrestling with this issue, i'm about out of ideas.
  Here's my setup.
  Leopard server 10.5.4, running OD master (all rocking),
  AFP, Firewall, DNS, (mobile) network home directories.
  I'll call this "xserve.mydomain.com "
  Its NAT'd IP is 192.168.1.102.
  It's a FQDN, kerberos is running and happy, all is well.
  There are about 12
  clients, each with a desktop (imac) and laptop (macbook).
  I have a second (windows 2003 sbe) server hosting the following
  services: Exchange and Web (for now).
  I'll call this winsbe.mydomain.com
  Its NAT'd IP is 192.168.1.101
  My External DNS setup is this.
  Our DNS hosting is done by our registrar (network solutions).
  We own 4 static IPs from our ISP.
  One IP is for our router/firewall providing NAT
  to internal clients, and the xserve is on DMZ, with
  its OSX firewall service turned on.
  One IP is for the
  windows server. (the last two, if you've been counting, are unused .
  Via Network Solutions "advanced DNS", I have our zone
  configured. "xserve.mydomain.com" points to its WAN
  IP (66.xxx.xxx.198).
  www points to 66.xxx.xxx.194.
  MX records refer to "winsbe.mydomain.com" via
  WAN IP 66.xxx.xxx.194 as well.
  All outside services resolve correctly.
  IE, i can hit the website and send/receive email from mydomain.com.
  My internal DNS as setup as this:
  primary zone= mydomain.com
  nameserver= xserve.mydomain.com
  mx record= winsbe.mydomain.com
  xserve.mydomain.com has an A record to LAN IP.
  winsbe.mydomain.com has an A record to LAN IP.
  www is a CNAME record to winsbe.mydomain.com. <----i'm not sure about this one but it works.....
  My forwarder IP points back to my Router (which seems to give me better performance than using ISP
  DNS from here..)
  I know this is working fine insofar as the webserver, as
  an nslookup (www.mydomain.com) internally resolves www to 192.168.1.101.
  mydomain.com and www.mydomain.com hit the webserver internally
  on client browsers. rock.
  Again, forward AND reverse nslookups internally resolve to winsbe.mydmain.com/92.168.1.101
  Here is my guess as to my problem,
  my internal hostname + a record for the windows server the same as the MX record
  which has an alias from www.
  I think it's getting effed in there somewhere?
  If I setup email clients with the windows server LAN IP rather than
  the domain "winsbe.mydomain.com" it all works fine.
  I'd frankly be willing to half-*** it with this solution,
  but each client will require a mobile computer, so we can't have that
  I feel like i'm on the right track, but
  just can't make the breakthrough.
  Am I barking up the wrong tree here?
  Here is a last question,
  I have my firewall/router as the "Forwarder IP Address"
  in the last page of Settings in server admin. When i put
  my ISP's DNS servers, i always get a 2 second delay
  for any web query on any client.
  I have "127.0.0.1" as the first DNS entry in xserve Network Preferences.
  The xserve is the only DNS entry in the client computers.
  This isn't a "bad practice" or anything is it?

  For the curious, my named.conf below (haven't messed with it):
  // Include keys file
  include "/etc/rndc.key";
  // Declares control channels to be used by the rndc utility.
  // It is recommended that 127.0.0.1 be the only address used.
  // This also allows non-privileged users on the local host to manage
  // your name server.
  // Default controls
  controls {
  inet 127.0.0.1 port 54 allow {any; }
  keys { "rndc-key"; };
  options {
  include "/etc/dns/options.conf.apple";
  * If there is a firewall between you and nameservers you want
  * to talk to, you might need to uncomment the query-source
  * directive below. Previous versions of BIND always asked
  * questions using port 53, but BIND 8.1 uses an unprivileged
  * port by default.
  // query-source address * port 53;
  // a caching only nameserver config
  logging {
  include "/etc/dns/loggingOptions.conf.apple";
  // Public view read by Server Admin
  include "/etc/dns/publicView.conf.apple";
  // Server Admin declares all zones in a view. BIND therefore dictates
  // that all other zone declarations must be contained in views.

• Internal DNS server and NAT routing issue.

  Hi -- I am not terribly experienced with DNS and I am running into an issue that I can't seem to resolve. My company.com DNS information is hosted by an outside ISP for email, web, etc... but I have configured an A record there to point to the public IP to my mac os x server (server.company.com).
  We have a cisco router configured with one to one NAT from the public IP to the internal IP for our server in a 192.168.15.x subnet. The same router is running DHCP and and NAT on that subnet under a different public IP provided by our ISP.
  Our server is running DNS with recursion and has a "company.private" zone set up for internal services and machine names. Thus, the server is accessible via "server.company.com" from the outside and "server.company.private" from the private LAN.
  The problem is that I would like to be able to access some services simply via "server.company.com" both inside and outside the private network. Now, accessing the "server.company.com" services from the private lan does not work because the name resolves to the external IP and the external IP cannot be used internally due to NAT.
  Is there a way to configure my internal DNS server to respond with the appropriate private address when receiving a query only to "server.company.com" and forward requests on for anything else on "company.com"?
  I know that I could manually duplicate all entries for our domain from my ISP and host the same entries for internal clients, but it would be much easier to only have our server handle requests for itself. The server is running OS X Server 10.4.11.
  Thanks

  Is there a way to configure my internal DNS server to respond with the appropriate private address when receiving a query only to "server.company.com" and forward requests on for anything else on "company.com"?
  Ordinarily, no. Once your server thinks it is responsible for a zone (e.g. company.com) then it will answer all queries for that domain and never pass them upstream. Therefore you'd have to replicate all the zone data, including all the public records, and maintain them both.
  The one possible exception to this (I haven't tried) is to create a zone for server.company.com that has your internal address. In theory (like I said, I haven't tried this), the server should respond to 'server.company.com' lookups with its own zone data and defer all other lookups (including other company.com names since they're not in a zone it controls). Might be worth trying.

• Access website with same name as internal dns...

  Hi there
  I've set up a server with internal dns zone as 'example.com' with the machine name being 'server.example.com'
  Everything has been going well, but we cannot now access our externally hosted website at 'www.example.com' I now realise from looking at other posts on the web that perhaps I should have not used the same dns address internally as is used externally, but we have plans to bring mail servers in-house and so thought that this would be the correct way to go.
  Can anyone offer advice on the correct way to resolve this?
  Thanks

  From what you're saying then, I need to change the DNS host name of the internal network to example.net or similar.
  You can use a level within your own domain, such as server.internal.example.com, where server is the host name and internal identifies a host within your network, and example.com is a domain you own. Larger networks use this construct to identify hosts within a corporate site or a particular building, such as www.corp.example.com, www.frobnitz.example.com and www.boston.example.com.
  I assume it doesn't matter if I don't own the domain example.net?
  Do not use a domain that you do not have permission to use.
  Only use domains you own (best), or domains that will never be activate.
  It's best if you use a domain you own or a subdomain of a domain you own, or (less desirably, but functional) use a Top Level Domain (TLD) string that will never be a domain (a completely made-up domain such as server.tvkiddomain where tvkitdomain is a text string that will never match a real domain such as .COM or .NET or .BIZ or .TRAVEL or the country codes or the gazillions of these TLD strings that are coming on-line. (That there are TLDs coming on-line makes this somewhat more risky; you can end up using a domain you don't own of somebody lights up a matching TLD.)
  The second parallel domain is small cost and simple, particularly as you need few or no services for it from your registrar. (When I buy domains for a site, I usually purchase several TLDs around the domain -- such as the classic big three .COM, .NET and .ORG -- and then have these available for just this sort of purpose. It's easier to buy these up front than to add them later, given the usual domain squatting that can happen. And it's not much money. And it's flexibility for later network activities, and far easier to describe and to support.)
  Will the changeip command change the DNS name of machines that I've set up, so that server.example.com will be renamed server.example.net? I assume I'll need to unbind and rebind any client machines that I've bound to the server?
  changeip would be the tool I'd use, yes. And I'd reconnect, yes. There's a DNS command around that flushes the DNS caches on the clients; you'll also need to clear that.
  Prior to Leopard, on each DNS client:
  sudo lookupd -flushcache
  Leopard DNS cache flush, on each DNS client:
  sudo dscacheutil -flushcache
  Thanks for the pointer to the other post, was helpful, but I think that changing the internal DNS host name will be the simplest option...
  IMO, the simplest option is to avoid domain name collisions and to avoid domains you don't own; to maintain the basic operations and assumptions of DNS.
  Bad DNS is one of the few things you can do that can screw up other hosts and other sites on the Internet.

• New Asa 5505... Anyway to set up behind home router with no internal DNS?

  Since the home router is the DNS server, the Asa has no internal DNS which is probably the cause of no internet. Is there any way around this?

  Can you not simply use the ASA as the DHCP server and include the DNS server in your DHCP configuration ?
  Jon