10-23-2011 06:26 AM - edited 03-04-2019 02:01 PM
Hello Chaps,
I have a guest VLAN 193. I have put ACLs on VLANs before with no worries. When I do it to this one, if I put, for example, (extended rule deny ip 10.193.0.0 0.0.255.255 10.1.0.102 0.0.0.0), where 10.1.0.102 is a file server, it blocks the ping but also stops DNS working. I'm confused!
DNS is for everything, that is, any external lookups.
The strange thing is the ACL works but the DNS stops ...
Even though the DNS is pointing externally, and I have tried putting a permit all rule after the deny, it still doesn't work ...
Any help?
10-23-2011 06:34 AM
It will stop DNS, it will stop all IP traffic, because you have a "deny ip ..." statement.
Try -
deny icmp 10.193.0.0 0.0.255.255 10.1.0.102 0.0.0.0
Jon
10-23-2011 05:30 PM
There is an implicit deny at the end of every ACL. Are you adding permits for the traffic you need to get through?
Sent from Cisco Technical Support iPhone App
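The first-match evaluation and implicit deny that the replies describe, as an added example that is not part of the original thread: a small Python model of extended ACL matching on protocol and wildcard-masked addresses only (no ports, no interface direction). The guest host, the resolver address and the `permit ip any any` line are constructed for illustration; the deny lines are the ones quoted in the posts.

```python
import ipaddress

def ip(s):
    return int(ipaddress.IPv4Address(s))

def wildcard_match(addr, base, wildcard):
    # Cisco wildcard mask: a 1 bit means "ignore this bit", a 0 bit must match.
    care = ~ip(wildcard) & 0xFFFFFFFF
    return (ip(addr) & care) == (ip(base) & care)

def parse_ace(line):
    # Form: <permit|deny> <proto> <src> <src-wildcard> <dst> <dst-wildcard>,
    # where "any" stands for 0.0.0.0 255.255.255.255.
    tok = line.split()
    action, proto, rest = tok[0], tok[1], tok[2:]
    ends = []
    while rest:
        if rest[0] == "any":
            ends.append(("0.0.0.0", "255.255.255.255"))
            rest = rest[1:]
        else:
            ends.append((rest[0], rest[1]))
            rest = rest[2:]
    return action, proto, ends[0], ends[1]

def evaluate(acl, proto, src, dst):
    # Entries are checked top-down; the first match decides the packet.
    for line in acl:
        action, p, (s, sw), (d, dw) = parse_ace(line)
        # "ip" in an entry matches every IP protocol (ICMP, UDP, TCP, ...).
        if p in ("ip", proto) and wildcard_match(src, s, sw) and wildcard_match(dst, d, dw):
            return action, line
    return "deny", "implicit deny"  # nothing matched: dropped at the end of the list

GUEST = "10.193.5.20"        # constructed host inside 10.193.0.0/16
FILE_SERVER = "10.1.0.102"   # from the original post
RESOLVER = "203.0.113.53"    # constructed external DNS server (documentation range)

ACL_DENY_IP_ONLY = ["deny ip 10.193.0.0 0.0.255.255 10.1.0.102 0.0.0.0"]
ACL_DENY_ICMP_ONLY = ["deny icmp 10.193.0.0 0.0.255.255 10.1.0.102 0.0.0.0"]
ACL_DENY_ICMP_WITH_PERMIT = ACL_DENY_ICMP_ONLY + ["permit ip any any"]

if __name__ == "__main__":
    for name, acl in [("deny ip only", ACL_DENY_IP_ONLY),
                      ("deny icmp only", ACL_DENY_ICMP_ONLY),
                      ("deny icmp + permit", ACL_DENY_ICMP_WITH_PERMIT)]:
        for proto, dst in [("icmp", FILE_SERVER), ("tcp", FILE_SERVER), ("udp", RESOLVER)]:
            print(name, proto, dst, evaluate(acl, proto, GUEST, dst))
```

With either single-line ACL the DNS packet to the resolver is not matched by the deny entry at all; it is dropped by the implicit deny because no permit entry exists.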