Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
710
Views
0
Helpful
1
Replies

Network Object based on domain name instead of IP

Justin Westover
Level 1
Level 1

‎05-03-2011 08:28 AM - edited ‎03-11-2019 01:28 PM

Is there a way on the ASA to create a network object using the domain. For example, If I want to block all of yahoo.com, I create an ACL that blocks my source addresses from the inside network to yahoo.com, the ASA could then perform a DNS lookup for yahoo.com and block the IP address. Is there a way to do this on the ASA? This would be beneficial compared to looking up every public IP address for a particular site that I want to block.

Labels:
0 Helpful
1 Reply 1

manish arora
Level 6
Level 6

‎05-03-2011 09:11 AM

I don't think this is Possible in ASA as of right now. You are
better off using something like Websense etc for that. If another device is not an option then Just whitelist ip addresses of sites that you think are required and then deny everything else.

Manish

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card