Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

ASA access rule to ip that changes

I have an ASA 5510

I'm trying to get an access rule that allow https traffic to www.download.windowsupdate.com

The www.download.windowsupdate.com resolves (for me) to an akamai IP 63.97.123.59

I try again later it resolves to an akamai IP 63.80.4.74

earlier it was 204.203.18.138

I can create an access rule to allow an IP range for a while, then another IP comes along and traffic is denied.

I'm pretty sick of the playing chase the IP.

Is there any way to link an access rule to a domain name other than an IP?

1 REPLY
Cisco Employee

Re: ASA access rule to ip that changes

I am afraid not.

access-list only takes object groups (which contain IPs) or IP address in them.

-KS

244
Views
0
Helpful
1
Replies
CreatePlease to create content