Try the following:

access-list 100 permit udp any eq domain any

DNS queries go out on a dynamic UDP source port and the destination UDP port is 53. On the response to the DNS query, the UDP datagram has source UDP port 53, and the destination port is whatever dynamic UDP port was originally the source going out. Your original entry would work fine if it was an outbound access-list, but since it is inbound from the ISP, you need to make the adjustment.

Hope this helps
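
The port matching described in the reply above, as an added example that is not part of the original post: a minimal first-match model of a stateless UDP access list, run over a constructed query, its reply, and an unrelated datagram that also carries source port 53. The original entry is not shown in this message, so its form (`permit udp any any eq domain`) is an assumption, as are the sample port numbers.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Udp:
    sport: int
    dport: int

@dataclass(frozen=True)
class Ace:
    """Models 'permit|deny udp any [eq S] any [eq D]'; None means no port test."""
    action: str
    sport: Optional[int] = None
    dport: Optional[int] = None

    def matches(self, pkt: Udp) -> bool:
        return self.sport in (None, pkt.sport) and self.dport in (None, pkt.dport)

def evaluate(acl, pkt: Udp) -> str:
    """First matching entry wins; the list ends with an implicit deny."""
    for ace in acl:
        if ace.matches(pkt):
            return ace.action
    return "deny"

DOMAIN = 53
# Assumed form of the original entry: permit udp any any eq domain
ORIGINAL = [Ace("permit", dport=DOMAIN)]
# Entry from the reply: permit udp any eq domain any
SUGGESTED = [Ace("permit", sport=DOMAIN)]

# Constructed packets: the client picked dynamic source port 49152.
QUERY = Udp(sport=49152, dport=DOMAIN)   # leaves the network
REPLY = Udp(sport=DOMAIN, dport=49152)   # arrives from the ISP
OTHER = Udp(sport=DOMAIN, dport=9999)    # source port 53, answers no query

def report() -> dict:
    return {
        "original entry, outbound query": evaluate(ORIGINAL, QUERY),
        "original entry, inbound reply": evaluate(ORIGINAL, REPLY),
        "suggested entry, inbound reply": evaluate(SUGGESTED, REPLY),
        # The match is stateless: only the source port is tested.
        "suggested entry, inbound other": evaluate(SUGGESTED, OTHER),
    }

if __name__ == "__main__":
    for case, verdict in report().items():
        print(f"{case}: {verdict}")
```

The last case shows that the entry tests the source port only, so it does not tie an inbound datagram to a query that was actually sent.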
Title: Access-list Problem with UDP Port 53