Hi Masoud; - Page 2

ciscoreg2 · ‎11-28-2015

Hi All;

I found lots of messages like below in my 1941 router:

%DNSSERVER-3-BADQUERY: Bad DNS query from <IP address>.

How can I get ride of it?

ciscoreg2 · ‎11-29-2015

Hi Masoud;

I have already set below command to my router, but I still see lots of DNS in log?

ip access-list extended filter-inbound

evaluate CHECK-TRAFFIC

deny tcp any any eq domain

deny udp any any eq domain

permit ip any any

ip access-list extended filter-outbond

permit tcp any any eq domain reflect CHECK-TRAFFIC timeout 300

permit udp any any eq domain reflect CHECK-TRAFFIC timeout 300

permit ip any any

Masoud Pourshabanian · ‎11-29-2015

Please post the output of

show access-list filter-inbound

Show access-list filter-outbound.

And please post some of the logs with their ips

Masoud

ciscoreg2 · ‎11-30-2015

FYI

#show access-list filter-inbound

Extended IP access list filter-inbound

10 evaluate CHECK-TRAFFIC

20 deny tcp any any eq domain

30 deny udp any any eq domain (2 matches)

40 permit ip any any (838823 matches)

#Show access-list filter-outbound

#

%DNSSERVER-3-BADQUERY: Bad DNS query from 1.197.242.39

%DNSSERVER-3-BADQUERY: Bad DNS query from 117.90.248.59

%DNSSERVER-3-BADQUERY: Bad DNS query from 101.85.236.189

Masoud Pourshabanian · ‎11-30-2015

Try this one intead just for test and check the result. I will direct others attention to your question if you still receive that log after applying this.

ip access-list extended filter-outbond

permit tcp any any reflect CHECK-TRAFFIC

permit udp any any reflect CHECK-TRAFFIC

permit icmp any any reflect CHECK-TRAFFIC

ip access-list extended filter-inbound

evaluate CHECK-TRAFFIC

interface [wan interface]

ip access-group filter-inbound in

ip access-group filter-outbond out

ciscoreg2 · ‎12-09-2015

Hi Masoud; Seems still same, do you know zone based firewall can deny those access?

cisco router 1941 DNS Problem