Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

DNS instead of IP in PIX access list

Can I use a dns entry instead of an IP address (208.134.161.5) in the following:

access-list inside1 permit ip 10.0.0.0 255.0.0.0 208.134.161.5 255.255.255.0

  • Other Security Subjects
3 REPLIES
Anonymous
N/A

Re: DNS instead of IP in PIX access list

Re: DNS instead of IP in PIX access list

Hello,

You can define a DNS name within an object group and then use the group to allow/deny traffic.

Have a look at

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727a3.html#wp1067755

for access-list syntax and at

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727ab.html#wp1038172

for object-group examples.

Hope this helps! Please rate all posts.

Martin

New Member

Re: DNS instead of IP in PIX access list

Hi,

Hostname in the syntat referres to a hostname allready confígured host using the name command, not a FQDN (DNS name) The access-list does not do any reverse DNS lookup for a name.

Regards,

Marcus

354
Views
3
Helpful
3
Replies