FTD managed via FDM Access Policy

mumbles202
Level 5

Have a 1010 running 6.6.4 with 10 rules, 1 of which allows the internal DNS server outbound DNS over UDP and TCP for the server from inside to outside. The server fails DNS resolution and packet tracer shows the traffic dropped because it hits the default deny any any rule. I also tried removing the port restrictions and changing the rule to Trust vs Allow, but all yielded the same result. If I change the default action on the policy to Allow it works without any issue. Is there a setting I'm missing?

2 Replies

@mumbles202 

Traffic isn't matching that rule for some reason. Can you provide a screenshot of your rule?

You could also run "system support firewall-engine-debug" command from the CLI, filter on the source IP address of the internal DNS server and provide the output for review.
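The debug output that reply asks for is verbose, and the question the thread turns on is a single one: did the flow match the named DNS rule, or did it fall through to the policy's Default Action? The following triage script is an added example, not Cisco's code and not posted by anyone in the thread. It parses the per-flow lines of `system support firewall-engine-debug`, applies the same source-IP filter you would type at the debug prompt, and flags any flow whose matching rule is the Default Action. The sample lines embedded in it are constructed to resemble the debug format (flow 5-tuple, then `match rule order N, 'name', action X`, then `allow action` / `deny action`); the exact wording varies between FTD releases, so check the two regexes against real output before relying on them. The addresses and rule name `Allow-DNS-Out` are hypothetical.

```python
"""Triage helper for FTD 'system support firewall-engine-debug' output.

Added example (not Cisco's code). Reports, per flow, which access control
rule matched and whether the flow hit the policy Default Action, which is
exactly the symptom in the thread above (packet tracer shows the deny-any).
The sample lines are CONSTRUCTED to resemble the debug format; real output
may differ slightly between versions, so adjust the regexes if needed.
"""
import re
from collections import OrderedDict

# Constructed sample: a hypothetical internal DNS server 10.1.1.53 sending
# UDP/53 and TCP/53 outbound. The UDP flow falls through to the Default
# Action (Block); the TCP flow matches the named rule and is allowed.
SAMPLE_DEBUG = """\
10.1.1.53-41234 > 8.8.8.8-53 17 AS 1-1 I 0 New session
10.1.1.53-41234 > 8.8.8.8-53 17 AS 1-1 I 0 Starting AC with minimum 2, 'Allow-DNS-Out', and IPProto first with zones 1 -> 2
10.1.1.53-41234 > 8.8.8.8-53 17 AS 1-1 I 0 match rule order 11, 'Default Action', action Block
10.1.1.53-41234 > 8.8.8.8-53 17 AS 1-1 I 0 deny action
10.1.1.53-55123 > 8.8.8.8-53 6 AS 1-1 I 0 New session
10.1.1.53-55123 > 8.8.8.8-53 6 AS 1-1 I 0 match rule order 2, 'Allow-DNS-Out', action Allow
10.1.1.53-55123 > 8.8.8.8-53 6 AS 1-1 I 0 allow action
"""

# One per-flow debug line: "src-sport > dst-dport proto AS x-y I n message"
FLOW_RE = re.compile(
    r"^(?P<src>[\d.]+)-(?P<sport>\d+) > (?P<dst>[\d.]+)-(?P<dport>\d+) "
    r"(?P<proto>\d+) AS \S+ I \d+ (?P<msg>.*)$"
)
# The rule-match line names the rule and its configured action.
MATCH_RE = re.compile(
    r"match rule order (?P<order>\d+), '(?P<name>[^']*)', action (?P<action>\w+)"
)
# The final per-flow verdict line.
VERDICT_RE = re.compile(r"^(?P<verdict>allow|deny|trust|block) action$")

PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp"}


def parse_debug(text, src_filter=None):
    """Return OrderedDict keyed by (src, sport, dst, dport, proto).

    Each value holds the matched rule name, its order, its configured action
    and the final verdict. src_filter mimics the source-IP filter entered at
    the debug prompt: only flows from that address are kept.
    """
    flows = OrderedDict()
    for line in text.splitlines():
        m = FLOW_RE.match(line.strip())
        if not m:
            continue  # banner, prompt, or other non-flow line
        if src_filter and m["src"] != src_filter:
            continue
        key = (m["src"], int(m["sport"]), m["dst"], int(m["dport"]), int(m["proto"]))
        entry = flows.setdefault(
            key, {"rule": None, "order": None, "action": None, "verdict": None}
        )
        rm = MATCH_RE.search(m["msg"])
        vm = VERDICT_RE.match(m["msg"])
        if rm:
            entry["rule"] = rm["name"]
            entry["order"] = int(rm["order"])
            entry["action"] = rm["action"]
        elif vm:
            entry["verdict"] = vm["verdict"]
    return flows


def fell_through(flows):
    """Keys of flows that matched no explicit rule and hit the Default Action."""
    return [k for k, v in flows.items() if v["rule"] == "Default Action"]


def describe(key, v):
    src, sport, dst, dport, proto = key
    p = PROTO_NAMES.get(proto, str(proto))
    return (f"{p} {src}:{sport} -> {dst}:{dport}: rule {v['order']} "
            f"'{v['rule']}' action {v['action']} (verdict {v['verdict']})")


if __name__ == "__main__":
    flows = parse_debug(SAMPLE_DEBUG, src_filter="10.1.1.53")
    for k, v in flows.items():
        print(describe(k, v))
    for k in fell_through(flows):
        print("NO EXPLICIT RULE MATCHED:", describe(k, flows[k]))
```

Run it against a saved capture of the debug session (`parse_debug(open("debug.txt").read(), src_filter="<dns server>")`). A flow listed by `fell_through` is one the access policy never matched to a named rule, which points at the rule's zone, network or port objects rather than at the rule's action.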

Thanks for the reply. After pulling it out and reviewing it in more detail I found the problem with the rule, so will redeploy.