Showing results for 
Search instead for 
Did you mean: 

Allowing a dyn dns to my access list


Hi all.

I allow a remote user access to our network based on his static ip which he is about to loose. We have configured a dyn dns address for his changing public IP that i would like to add to our cisco.

Looking at ASDM how is it possible to allow a dyn dns address to the access list and for the ASA to update accordingly?


3 Replies 3

Jouni Forss


If you have ASA running 8.4(2) or newer software you can use FQDN in the ACL rules to allow connections based on the DNS name rather than the IP address

In this setup you will have to

  • Configure DNS servers that the ASA can use to make DNS queries
  • Enable DNS lookups on the ASAs interface through which the DNS queries should be sent
  • Configure an "object network " and "fqdn"
  • Use the created "object" in the ACL rule

Example configuration could be for example (unless I remember something wrong)

dns domain-lookup outside

dns server-group DefaultDNS


object network GOOGLE


access-list OUTSIDE-IN permit tcp object GOOGLE host eq 80

access-group OUTSIDE-IN in interface outside

So I would imagine that if your software is not the above mentioned or newer you wont be able to allow connections according to FQDN.

Hope this helps

- Jouni

Great post, thanks for the detail.

I'm currently running:

Cisco Adaptive Security Appliance Software Version 7.2(5)

Device Manager Version 5.2(5)

WIll i need to upgrade my appliance for this to work?

Yes, but upgrading to 8.4(2) will, unfortunately, change a lot of your configurations related to NAT in particular.

Reference this document to get a heads-up on what else will be required.

An alternative and arguably better solution to your problem is just creating a Remote Access VPN for him on the ASA, then his IP won't matter, unless I am misunderstanding how this person connects.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers