RE: DNS and access-list

Wed, 01 Nov 2000 16:00:09 -0800 

you might want to put another line in your acess list to allow ports greater
than 1023 back in :)

Regards,

Jason Baker
Network Engineer






-----Original Message-----
From: Curtis Call [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 02, 2000 4:11 AM
To: [EMAIL PROTECTED]
Subject: Re: DNS and access-list


You mentioned that you have an access-list allowing port 53 for tcp or udp
but the question is are you filtering the response that is coming back from
the DNS server.  Do you have access-lists filtering traffic coming from that
direction?  It will be responding to a dynamic port number (it's destination
won't be 53, it'll be whatever your computer decides) so I don't know a way
to include that into an access-list unless you can force your computer to
always use a certain port when performing DNS queries (which is something
that I don't know how to setup).

---------- Original Message ----------------------------------
From: "SH Wesson" <[EMAIL PROTECTED]>
Reply-To: "SH Wesson" <[EMAIL PROTECTED]>
Date: Wed, 01 Nov 2000 16:19:31 GMT

>I want to allow a particular server to do DNS queries such that when they 
>type www.cisco.com or something like that, it will go to the specify DNS 
>server and find the ip address.  I have an access list allowing port 53 for

>tcp and udp and it doesn't work.  Can anyone help.  Thanks.
>_________________________________________________________________________
>Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
>Share information about yourself, create your own public profile at 
>http://profiles.msn.com.
>
>_________________________________
>FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

_________________________________
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to