Hello everybody,
I have an ASA 5520 that is running 8.4(2) VPN Plus license.
My aim is to block facebook.com for the inside network. Below is what I configured:

    dns domain-lookup outside
    dns server-group DefaultDNS
     name-server 4.2.2.2
     name-server 8.8.8.8
    object network OBJ-FB.COM
     fqdn www.facebook.com
    access-list ACL-INSIDE line 1 extended deny ip any object OBJ-FB.COM

The output I receive for "show access-list" and "show dns" is:
SA(config)# sh access-list
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096)
alert-interval 300
access-list ACL-INSIDE; 2 elements; name hash: 0xfb5f17a8
access-list ACL-INSIDE line 1 extended deny ip any object OBJ-FB.COM 0x797712ab
access-list ACL-INSIDE line 1 extended deny ip any fqdn www.facebook.com (unresolved) (inactive) 0xcb722ebf
access-list ACL-INSIDE line 2 extended permit ip any any (hitcnt=0) 0x2ed1288c
ASA(config)# sh dns
INFO: no activated FQDN
Could someone explain to me what is happening? Why is the FQDN not activated?
Thank you in advance!
Awais