Guys, I am having problem resolving DNS names. I have a Cisco 2600 and configured for right name-servers and domain name, but I am still unable to ping www.yahoo.com from my router and a unix box. My router/unix is behind a PIX firewall. I also created an ACL to allow outbound conections to my internal Unix/Router. Following is my pix ACL. I am wondering if somehow my firewall is not allowing DNS resolution. I can ping outside fine. Any help would be greatly appreciated.
Regards!! access-list outside_in permit tcp any host 204.1.2.2 eq telnet access-list outside_in permit icmp any any access-list outside_in permit tcp any host 204.1.2.2 eq ftp access-list outside_in permit tcp any host 204.1.2.2 eq www access-list outside_in permit tcp any host 204.1.2.2 eq domain access-list outside_in permit udp any host 204.1.2.2 eq domain access-group outside_in in interface outside global (outside) 1 204.1.2.1 netmask 255.255.255.0 nat (inside) 1 10.1.1.0 255.255.255.0 0 0 static (inside,outside) 204.1.2.2 10.1.1.1 netmask 255.255.255.255 0 0 (Unix Box ) static (inside,outside) 204.1.2.3 10.1.1.6 netmask 255.255.255.255 0 0 (Router) ========================= These are the logs from my PIX firewall.. (tried nslookup from unix box) 302015: Built outbound UDP connection 23742 for outside:129.250.35.251/53 (129.250.35.251/53) to inside:10.1.1.1/10166 (204.1.159.205/10166) 302015: Built outbound UDP connection 23743 for outside:129.250.35.250/53 (129.250.35.250/53) to inside:10.1.1.1/10166 (204.1.159.205/10166) 302016: Teardown UDP connection 23740 for outside:129.250.35.251/53 to inside:10.1.1.1/40069 duration 0:02:41 bytes 188 302016: Teardown UDP connection 23741 for outside:129.250.35.250/53 to inside:10.1.1.1/40069 duration 0:02:56 bytes 188 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74890&t=74890 -------------------------------------------------- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
