ciscoreg2
Beginner

cisco router 1941 DNS Problem

Hi All;

I found lots of messages like the one below on my 1941 router:

%DNSSERVER-3-BADQUERY: Bad DNS query from <IP address>.

How can I get rid of it?

19 REPLIES 19

Hi Masoud;

I have already applied the commands below to my router, but I still see lots of DNS messages in the log?

ip access-list extended filter-inbound

evaluate CHECK-TRAFFIC

deny   tcp any any eq domain

deny   udp any any eq domain

permit ip any any

ip access-list extended filter-outbond

permit tcp any any eq domain reflect CHECK-TRAFFIC timeout 300

permit udp any any eq domain reflect CHECK-TRAFFIC timeout 300

permit ip any any

Please post the output of

show access-list filter-inbound

Show access-list filter-outbound.

And please post some of the logs with their IPs.

Masoud

FYI

#show access-list filter-inbound

Extended IP access list filter-inbound

    10 evaluate CHECK-TRAFFIC

    20 deny tcp any any eq domain

    30 deny udp any any eq domain (2 matches)

    40 permit ip any any (838823 matches)

#Show access-list filter-outbound

#

%DNSSERVER-3-BADQUERY: Bad DNS query from 1.197.242.39

%DNSSERVER-3-BADQUERY: Bad DNS query from 117.90.248.59

%DNSSERVER-3-BADQUERY: Bad DNS query from 101.85.236.189

Try this one instead, just as a test, and check the result. I will direct others' attention to your question if you still receive that log after applying this.

ip  access-list extended filter-outbond

permit tcp any any reflect CHECK-TRAFFIC

permit  udp any any reflect CHECK-TRAFFIC

permit icmp any any reflect CHECK-TRAFFIC



ip access-list extended filter-inbound

evaluate  CHECK-TRAFFIC



interface [wan interface]

ip access-group filter-inbound in

ip  access-group filter-outbond out

Hi Masoud; it still seems the same. Do you know whether a zone-based firewall can deny that access?