DNS on ASA

lquin1978 · ‎06-02-2011

I want to use hostnames in my ACL's instead of IP addresses so I have enabled DNS on the ASA.

I have enabled (or so I think) DNS on the ASA

ciscoasa(config)# dns domain-lookup outside

ciscoasa(config)# dns name-server 4.2.2.2 4.2.2.3

But when I ping www.mydomain.com is says invalid host.. should this work or am I missing something?

Maykol Rojas · ‎06-02-2011

Hello,

Weird, I put those commands and it worked for me just fine. The final goal is to use domain names on the Access list? As far as I understand that is going to be possible only in version 8.4.2 or its still on deployment.

Would you please do a show run dns?

Mike

lquin1978 · ‎06-06-2011

dns domain-lookup outside

DNS server-group DefaultDNS

domain-name mydomain.org

DNS server-group MYDNS

name-server [IP address]

Maykol Rojas · ‎06-06-2011

Would you please put a DNS server on the default dns group?

Mike

lquin1978 · ‎06-09-2011

okay will try and get back to you thanks.

If I cant use names in teh ACL what is teh DNS used for?

Maykol Rojas · ‎06-09-2011

Hello,

Mostlikely for features like botnet and so on.

Mike