
allowing acl to a dns address

carl_townshend

Hi all, if I want to allow my hosts to access a certain host name, how can I do this?


I cannot see access list to a dns name on there, is it possible?

Carl,

Let me bring your attention to a specific part of the URL I posted:-

access-list 101 permit tcp host 10.1.1.2 host 172.16.1.1 eq telnet

access-list 101 permit tcp host 10.1.1.2 host 172.16.1.1

access-list 101 permit udp host 10.1.1.2 host 172.16.1.1

access-list 101 permit ip 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255

So now let's think about DNS - typically a DNS query is UDP port 53, right?

So in the URL I posted and the above capture of some of the post, in a typical extended access-list you specify:-

1) Permit or Deny

2) Layer 3 IP or Layer 4 TCP/UDP - there are more options...but for this we can forget about them

3) Source network or source host

4) Source tcp/udp port number

5) Destination network or destination host

6) Destination tcp/udp port number

I think the above explains it all.
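
The six fields listed in the reply above, pulled out of the quoted access-list lines by a small parser. This is an added example, not part of the original thread and not Cisco code; the function names, the extra `eq 53` line and the CIDR output format are assumptions made for illustration, and only `eq` port matches are handled.

```python
import ipaddress

# The four lines quoted in the reply above, plus one constructed DNS rule (UDP 53).
SAMPLE_ACL = [
    "access-list 101 permit tcp host 10.1.1.2 host 172.16.1.1 eq telnet",
    "access-list 101 permit tcp host 10.1.1.2 host 172.16.1.1",
    "access-list 101 permit udp host 10.1.1.2 host 172.16.1.1",
    "access-list 101 permit ip 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255",
    "access-list 101 permit udp host 10.1.1.2 host 172.16.1.1 eq 53",  # constructed
]

def _take_address(tokens):
    """Consume 'any', 'host <ip>' or '<ip> <wildcard>'; return CIDR text."""
    first = tokens.pop(0)
    if first == "any":
        return "0.0.0.0/0"
    if first == "host":
        # IPv4Address raises ValueError for anything that is not an IPv4 literal,
        # so a host name in this position is rejected by this parser.
        return f"{ipaddress.IPv4Address(tokens.pop(0))}/32"
    # A wildcard mask is the bitwise inverse of a netmask.
    wildcard = int(ipaddress.IPv4Address(tokens.pop(0)))
    netmask = ipaddress.IPv4Address(wildcard ^ 0xFFFFFFFF)
    return str(ipaddress.IPv4Network(f"{first}/{netmask}", strict=False))

def _take_port(tokens):
    """Consume an optional 'eq <port>'; None means no port match was given."""
    if tokens and tokens[0] == "eq":
        tokens.pop(0)
        return tokens.pop(0)
    return None

def parse_ace(line):
    """Split one extended access-list line into the six fields from the reply."""
    tokens = line.split()
    if len(tokens) < 5 or tokens[0] != "access-list":
        raise ValueError(f"not an access-list line: {line!r}")
    number, action, protocol = tokens[1:4]
    if action not in ("permit", "deny"):
        raise ValueError(f"expected permit or deny, got {action!r}")
    rest = tokens[4:]
    ace = {"acl": number, "action": action, "protocol": protocol}
    ace["src"], ace["src_port"] = _take_address(rest), _take_port(rest)
    ace["dst"], ace["dst_port"] = _take_address(rest), _take_port(rest)
    if rest:
        raise ValueError(f"unparsed tokens: {rest}")
    return ace

if __name__ == "__main__":
    for entry in SAMPLE_ACL:
        print(parse_ace(entry))
```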

I believe he's asking if you can use an fqdn in the acl.

In that case - no it's not possible to use a fqdn in an acl.

I misunderstood the post.

Yes, that's correct.
