Can ASA use DNS to map ACL name entries to IP addresses

Unanswered Question
Aug 4th, 2008

Can I configure an ASA to use DNS to lookup the IP address of a URL/hostname contained in an ACL?

eg:

access-list ACL-1 extended permit tcp any host www.cisco.com

I can see that this may result in some performance issues, but is it possible?

I'm ok with the internal name table mapping names to IP, and see that the ASA can use an external DNS server to resolve a name used in a ping to a URL.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
aacole Mon, 08/04/2008 - 07:10

I was coming to that conclusion, and you have confirmed it, thanks.

I'm trying to allow access to these websites, the ACL is on the inside. My customer will have to provide me with a list of IP addresses so I can map these using names.

Actions

This Discussion