Re: Dynamic ACLs on any IOS release?

joerggrau · ‎10-14-2010

One of our vendors uses DNS host names to advertise the IP addresses for certain servers. the IP addresses for those server seem to be changing quite frequently.

Is there any way in any router or ASA release to dynamically adjust ACLs to compensate for that? I tried to use a DNS host name in a simple ACL and the name is resolved and the IP address used instead of the host name.

I assume this is not possible, but I figured I'd ask the esperts here.

thanks

Joerg

Federico Coto Fajardo · ‎10-14-2010

Hi,

The ACL can only reference to IP not to name.

If the server's address change they change within a range correct?

So you can configure the ACL to point to the range instead than the single IP.

i.e.

If the server 1.1.1.1 switches IP between 1.1.1.1-1.1.1.14

You can have your ACL point to 1.1.1.0/28

Just a thought.

Federico.

Dynamic ACLs on any IOS release?

IOS-XR: Service Release について

Ignore ACLs.

D301 Duo Release Notes for October 25, 2024

IOS-XR: BGP Dynamic MED について

Dynamic NAT の設定例