ZBF and DNS?
My 887 router will be a DNS server, and I have ZBF. I have to open the port to allow traffic from the DNS server.
<code>
Jun 14 18:23:50.438: %FW-6-DROP_PKT: Dropping udp session 208.67.220.220:53 172.16.1.23:51872 on zone-pair OUTSIDE-TO-SELF class class-default und in policy-map with ip ident 0
</code>
I created an ACL and included it in a class map with 'pass'. It did not work. It worked when I opened ALL UDP from this IP?
<code>
Extended IP access list DNS
10 permit udp host 208.67.220.220 any eq domain
20 permit udp host 8.8.8.8 any eq domain
30 permit udp host 208.67.220.220 any (7 matches)
</code>
<strong>Why is line 10 not working?</strong>
Aaaahhh it should be
<code>
permit udp host 208.67.220.220 eq domain any
</code>
:)
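
The dropped packet from the log above, evaluated against both forms of the ACE. This is an added example, not part of the original post: the small parser handles only the `host` / `any` / `eq` forms that appear in this ACL, and the function names are made up for illustration.

```python
# Assumption: only "permit udp", "host <ip>", "any" and "eq <port>" are supported.
PORT_NAMES = {"domain": 53}  # IOS prints port 53 as "domain"

def _endpoint(toks):
    """Consume 'any' or 'host <ip>', then an optional 'eq <port>'."""
    if toks[0] == "any":
        addr, toks = None, toks[1:]
    elif toks[0] == "host":
        addr, toks = toks[1], toks[2:]
    else:
        raise ValueError("unsupported address form: " + toks[0])
    port = None
    if toks and toks[0] == "eq":
        name = toks[1]
        port = PORT_NAMES[name] if name in PORT_NAMES else int(name)
        toks = toks[2:]
    return (addr, port), toks

def parse_ace(line):
    """An extended ACE is: action proto SOURCE [eq port] DESTINATION [eq port]."""
    toks = line.split()
    src, rest = _endpoint(toks[2:])
    dst, rest = _endpoint(rest)
    if rest:
        raise ValueError("trailing tokens: " + " ".join(rest))
    return {"proto": toks[1], "src": src, "dst": dst}

def _side(rule, addr, port):
    return rule[0] in (None, addr) and rule[1] in (None, port)

def first_match(acl, pkt):
    """Return the sequence number of the first matching ACE, or None (implicit deny)."""
    for seq, line in acl:
        ace = parse_ace(line)
        if (ace["proto"] == pkt["proto"]
                and _side(ace["src"], pkt["src"], pkt["sport"])
                and _side(ace["dst"], pkt["dst"], pkt["dport"])):
            return seq
    return None

# The reply from the %FW-6-DROP_PKT line: source port 53, ephemeral destination port.
REPLY = {"proto": "udp", "src": "208.67.220.220", "sport": 53,
         "dst": "172.16.1.23", "dport": 51872}
ACL_POSTED = [(10, "permit udp host 208.67.220.220 any eq domain"),
              (20, "permit udp host 8.8.8.8 any eq domain"),
              (30, "permit udp host 208.67.220.220 any")]
ACL_FIXED = [(10, "permit udp host 208.67.220.220 eq domain any")]

if __name__ == "__main__":
    print("posted ACL matches at line:", first_match(ACL_POSTED, REPLY))
    print("fixed ACL matches at line:", first_match(ACL_FIXED, REPLY))
```

In line 10 as posted, `eq domain` follows the destination, so it tests the destination port (51872 here) instead of the source port of the reply.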