09-12-2014 07:09 AM - edited 03-07-2019 08:44 PM
Hello, I need more help with my project, please. I have a VLAN inside our network; this VLAN can only access a few resources. I was using the big network DNS server for internet access, but that has changed: they are adding a DC and Exchange server on this VLAN. So I need to get the DC to access a public DNS server like 8.8.8.8 (Google).
I cannot get this to work.
Here is my config
interface Vlan888
description VLAN 888 - PROJECT test
ip address 10.88.70.250 255.255.255.0
ip access-group TEstIN in
ip helper-address 10.88.70.50
standby 1 ip 10.88.70.254
standby 1 priority 200
standby 1 preempt
standby 1 authentication XXXXX
Extended IP access list TEstIN
10 permit ip 10.88.70.0 0.0.0.255 10.88.70.0 0.0.0.255 log
15 permit ip 10.88.70.0 0.0.0.255 host 10.70.0.1 log
16 permit ip host 10.70.0.1 10.88.70.0 0.0.0.255 log
20 permit ip 10.88.70.0 0.0.0.255 10.99.10.0 0.0.0.255 log
21 permit ip 10.88.70.0 0.0.0.255 10.99.11.0 0.0.0.255 log
35 permit tcp any any eq www log
36 permit tcp any any eq 443 log
37 permit tcp any eq www any log
38 permit tcp any eq 443 any log
40 permit tcp any any eq domain log
41 permit tcp any eq domain any log
42 permit udp any any eq domain log (1596 matches)
43 permit udp any eq domain any log
60 deny ip any any
DC IP config
IP 10.88.70.50
Subnet 255.255.255.0
Gateway 10.88.70.254
DNS 8.8.8.8
You can see I am getting hits on my DNS ACL line.
When I try to do an nslookup, it fails; ping fails.
Please Help
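An added example, not part of any post in this thread: a small first-match evaluator run over the TEstIN entries exactly as posted, to show which entry a given packet from the DC hits. The function names (first_match, _side, _hit) are hypothetical, and the matcher only understands the syntax that appears in this ACL (any, host, address plus wildcard, eq).

```python
from ipaddress import ip_address

# ACL TEstIN copied from the post above; tokens after the match criteria are ignored.
ACL = """\
10 permit ip 10.88.70.0 0.0.0.255 10.88.70.0 0.0.0.255 log
15 permit ip 10.88.70.0 0.0.0.255 host 10.70.0.1 log
16 permit ip host 10.70.0.1 10.88.70.0 0.0.0.255 log
20 permit ip 10.88.70.0 0.0.0.255 10.99.10.0 0.0.0.255 log
21 permit ip 10.88.70.0 0.0.0.255 10.99.11.0 0.0.0.255 log
35 permit tcp any any eq www log
36 permit tcp any any eq 443 log
37 permit tcp any eq www any log
38 permit tcp any eq 443 any log
40 permit tcp any any eq domain log
41 permit tcp any eq domain any log
42 permit udp any any eq domain log (1596 matches)
43 permit udp any eq domain any log
60 deny ip any any
"""
PORTS = {"www": 80, "domain": 53}  # IOS port keywords used in this ACL

def _side(tok):
    """Consume 'any' | 'host A' | 'A WILDCARD' plus an optional 'eq PORT'."""
    t = tok.pop(0)
    if t == "any":
        spec = (0, 0xFFFFFFFF)
    elif t == "host":
        spec = (int(ip_address(tok.pop(0))), 0)
    else:
        spec = (int(ip_address(t)), int(ip_address(tok.pop(0))))
    port = None
    if tok[:1] == ["eq"]:
        port = int(PORTS.get(tok[1], tok[1]))
        del tok[:2]
    return spec, port

def _hit(addr, spec):  # wildcard bits set to 1 are "don't care"
    return (int(ip_address(addr)) | spec[1]) == (spec[0] | spec[1])

def first_match(acl, proto, src, dst, sport=None, dport=None):
    """Return (sequence, action) of the first entry the packet matches."""
    for line in acl.splitlines():
        tok = line.split()
        seq, action, rproto = int(tok.pop(0)), tok.pop(0), tok.pop(0)
        (s, sp), (d, dp) = _side(tok), _side(tok)
        if (rproto in ("ip", proto) and sp in (None, sport) and dp in (None, dport)
                and _hit(src, s) and _hit(dst, d)):
            return seq, action
    return None, "deny"  # implicit deny at the end of every IOS ACL
```

A UDP query from 10.88.70.50 to 8.8.8.8 port 53 matches entry 42, which agrees with the hit counter in the post, while an ICMP echo from the same host to 8.8.8.8 falls through to entry 60. Because the ACL is applied inbound on Vlan888, it only evaluates packets arriving from the VLAN, so a drop further along the path never shows up in these counters.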
09-12-2014 08:18 AM
I think that the DNS traffic (TCP and UDP) can pass, but you must add the permit ip any any for ICMP.
09-12-2014 08:30 AM
Well, I found the issue I was having was with the firewall that everyone is behind.
I just need to allow the DC (IP address) to 8.8.8.8.
Had to make an inside access rule.
09-12-2014 08:31 AM
Where is NAT? You cannot go to Google DNS from a local network address.