Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

IP routes based on domains

Hi all,

I would like to configure few routings on my Cisco router 871 in order to allow my employees to have access only to specific websites.

However, since some websites have dynamic IPs propably the route that I will create will not work.

My question is, can I configure a route or is there any other way to configure this permission based on the hostname/domain?

For example, if I want to permit access to this website ( instead of configuring:

ip route

is there any way to configure based on the (  in order to be able to recognise this host correctly??

Really appreciate any answer,

Thank you for your time,




Re: IP routes based on domains

Hii leonnikolaou

Well, I don’t know your network design whether you are using internal DNS or web proxy server or not.

However, From technical point of view I have an idea to partially automat it through the use of IP SLA and EEM

(the SITE IP address changes --> IP SLA fails --> you are notified with mail and through Syslog that the site is down --> you manually change the route)

Create IP SLA to monitor http access to the site:


ip sla 10

http get

frequency 300

ip sla schedule 10 start-time now life forever

configure tracking referencing the IP SLA:


track 1 ip sla 1 reachability

configure EEM to send mail to and to generate Syslog message the IP SLA:


event manager applet a7a

event track 1 state down

action 1.0 mail server "" to "" from "" subject "surveymonkey site is down" body "anything"

action 2.0 syslog msg "surveymonkey site is down"

Finally if you know EEM Scripting then you can fully automate it:

(the SITE IP address changes --> IP SLA fails -->  perform ping --> from output you retrieve the new IP address (programming script) --> delete old route --> add new route (programming script) --> optional you could notify you self as well

First configure you router for DNS:


ip name-server

ip domain lookup

IPSLA and Track are the same

event manager applet a7a

event track 1 state down

action 1.0 cli command "ping "

*******************some script command should be here to get the new IP address***************************

action 2.0 cli command "no ip route"

action 3.0 cli command " ip route <>"

action 4.0 mail server "" to "" from "" subject " surveymonkey site IP changed" body "anything"

action 5.0 syslog msg "surveymonkey site IP changed"

Hint : sample ping would be :


Translating ""...domain server ( [OK]

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:


Success rate is 100 percent (5/5), round-trip min/avg/max = 224/228/236 ms

The IP address here is

I Hope  this helps


IP routes based on domains

IP routes can only look at the IP Header in a given packet.

You would need some Application Layer device such as a proxy or a product like WebSense.