Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
466
Views
0
Helpful
1
Replies

DNS dynamic feed block traffic testing

evan.chadwick1
Level 1
Level 1

‎11-08-2017 01:44 PM

Hi Folks,

I've recently added a dns policy to my ACL with all the dynamic feed options selected.

I'm using a zone as my source and testing from this zone.

I"m unable to trigger a block and wondered if I have missed something?

I can confirm:

1/ cisco-dns-and-url-intelligence-feed is up to date : 2017-11-09 recent timestamp

2/ i'm testing a bunch of url's from http://mirror1.malwaredomains.com/files/domains.txt

if I test a few in my browser the proxy blocks it, so I would be confident that it should also be blocked via Cisco dynamic feed.

3/ i can see the traffic pass through the SFR device via, system support capture-traffic tcpdump

Labels:
0 Helpful
1 Reply 1

evan.chadwick1
Level 1
Level 1

‎11-09-2017 04:26 PM

I also noticed that a laptop running Cisco Umbrellar resolves look ups from the malware list of domains.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card