12-05-2019 10:32 AM
Hello.
I'm having trouble.
I'm trying to redirect the DNS traffic for a specific server, a DNS lookup-based content filter server. I'm using the configuration below to redirect traffic:
Content filter: 172.16.0.130
access-list 100 permit udp 192.168.0.0 0.0.0.255 any eq domain
!
route-map dns permit 10
match ip address 100
set ip next-hop 172.16.0.130
!
interface GigabitEthernet0/0
ip address 192.168.255.2 255.255.255.0
no ip redirects
ip nat outside
ip virtual-reassembly in
ip verify unicast source reachable-via rx allow-default
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1.10
encapsulation dot1Q 10
ip address 172.16.0.1 255.255.255.128
ip nat inside
no ip virtual-reassembly in
!
interface GigabitEthernet0/1.15
encapsulation dot1Q 15
ip address 172.16.0.129 255.255.255.128
ip nat inside
no ip virtual-reassembly in
!
interface GigabitEthernet0/1.20
encapsulation dot1Q 20
ip address 192.168.0.1 255.255.255.0
ip nat inside
no ip virtual-reassembly in
ip policy route-map dns
Workstations at 192.168.0.0/24 can't surf the internet.
12-05-2019 10:41 AM
12-06-2019 05:11 AM
Hello,
I have some unmanned computers on my LAN and these computers can use any DNS address, so I need to force these computers to query a specific DNS server.
12-05-2019 12:24 PM
The question is: for this IP address range, 192.168.0.0/24, what is the DNS server?
!
ip access-list extended BB_DNS_REDIRECT
! client queries carry destination port 53, so "eq domain" follows the destination
permit tcp 192.168.0.0 0.0.0.255 any eq domain
permit udp 192.168.0.0 0.0.0.255 any eq domain
!
!
route-map BB_RMAPDNS permit 10
match ip address BB_DNS_REDIRECT
set ip next-hop 172.16.0.130
!
Apply to interface.
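
In an IOS extended ACL entry, the position of `eq domain` decides whether the source port or the destination port is tested, which determines whether client DNS queries reach the route-map at all. The following is an added example, not part of the original posts: a small matcher for this entry syntax, run over constructed packets (the resolver address 203.0.113.53 and the host addresses are assumptions chosen for illustration).

```python
import ipaddress

PORTS = {"domain": 53}  # IOS port keyword -> number (only the one used here)

def parse_ace(line):
    """Parse 'permit <proto> <src> <dst>'; each side is 'any' or
    '<addr> <wildcard>', optionally followed by 'eq <port>'."""
    tok = line.split()
    proto, pos, sides = tok[1], 2, []
    for _ in range(2):                      # source side, then destination side
        if tok[pos] == "any":
            addr, wild, pos = 0, 0xFFFFFFFF, pos + 1
        else:
            addr = int(ipaddress.IPv4Address(tok[pos]))
            wild = int(ipaddress.IPv4Address(tok[pos + 1]))
            pos += 2
        port = None
        if pos < len(tok) and tok[pos] == "eq":
            name = tok[pos + 1]
            port = PORTS[name] if name in PORTS else int(name)
            pos += 2
        sides.append((addr, wild, port))
    return proto, sides[0], sides[1]

def side_matches(side, ip, port):
    addr, wild, want = side
    care = ~wild & 0xFFFFFFFF               # wildcard bits set to 1 are ignored
    same_net = (int(ipaddress.IPv4Address(ip)) & care) == (addr & care)
    return same_net and (want is None or want == port)

def ace_matches(line, pkt):
    proto, src, dst = parse_ace(line)
    return (proto == pkt["proto"]
            and side_matches(src, pkt["src"], pkt["sport"])
            and side_matches(dst, pkt["dst"], pkt["dport"]))

DST_PORT_ACE = "permit udp 192.168.0.0 0.0.0.255 any eq domain"
SRC_PORT_ACE = "permit udp 192.168.0.0 0.0.0.255 eq domain any"

# Constructed packets: a workstation query and an answer sent by a LAN host.
QUERY = {"proto": "udp", "src": "192.168.0.25", "sport": 51514,
         "dst": "203.0.113.53", "dport": 53}
LAN_ANSWER = {"proto": "udp", "src": "192.168.0.10", "sport": 53,
              "dst": "192.168.0.25", "dport": 51514}

if __name__ == "__main__":
    for name, ace in (("dst-port", DST_PORT_ACE), ("src-port", SRC_PORT_ACE)):
        print(name, "query:", ace_matches(ace, QUERY),
              "lan answer:", ace_matches(ace, LAN_ANSWER))
```

On the router itself, the match counters in `show access-lists` and `show route-map` show whether the entry is being hit by real traffic.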
12-06-2019 05:16 AM
Hello,
The question is: for this IP address range, 192.168.0.0/24, what is the DNS server?
This is my LAN address.
I made the configuration below but it does not work.
12-06-2019 08:40 AM
Is your PC configured using DHCP or a static IP? What is the DNS address you are entering there?
12-06-2019 11:09 AM
12-07-2019 04:10 AM
Just to be precise and work at a more granular level, give an example of the DNS server you used at the client end that did not work.
Is the rule matching, and your ACL? Check the logs to make sure it is hitting the interface at the first level. We need more information and logs, since we do not have any visibility to help here. (Technically it should work, hence we need to investigate what the issue is.)
12-26-2019 10:34 AM