cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2627
Views
0
Helpful
4
Replies

Access-list on using DNS domain name instead of IP?

news2010a
Level 3
Level 3

Hi, can you help me with this one?

Imagine I need to let a couple of Symantec security appliances (internal network) communicate on port 443 TCP to domains listed below. In my experience, I should do this based on the respective domain names (as shown below, since IP addresses change without warning).

Can someone tell me what should I consider in order to do access-lists based on domain name? Is the below correct:

.#access-list 101 permit tcp <ip_address_appliance> 0.0.0.0 swupdate.brightmail.com eq 443

swupdate.brightmail.com

register.brightmail.com

aztec.brightmail.com

4 Replies 4

Collin Clark
VIP Alumni
VIP Alumni