allowing acl to a dns address

Unanswered Question
Sep 2nd, 2008

Hi all, if I want to allow my hosts to access a certain host name, how can I do this ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Carl,

Let me bring your attention to a specific part of the URL I posted:-

access-list 101 permit tcp host 10.1.1.2 host 172.16.1.1 eq telnet

access-list 101 permit tcp host 10.1.1.2 host 172.16.1.1

access-list 101 permit udp host 10.1.1.2 host 172.16.1.1

access-list 101 permit ip 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255

So now lets think about DNS - typically a DNS query is UDP port 53 right?

So in URL I posted and the above capture of some of the post, a typical extended access-list you specify:-

1) Permit or Deny

2) Layer 3 IP or Layer 4 TCP/UDP - there are more options...but for this we can forget about them

3) Source network or source host

4) Source tcp/udp port number

5) Destination network or desintation host

6) Destination tcp/udp port number

I think the above explains it all.

Actions

This Discussion