Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
685
Views
0
Helpful
1
Replies

WLAN acl help

Kurt Warner
Level 1
Level 1

‎07-11-2011 05:50 AM - edited ‎07-03-2021 08:25 PM

ok what i am trying to do is set up an acl that will allow my wirless guest to get to the internet but have no access to my internal network.  I gave them access to my dhcp server and dns server . Pulls a DHCP but say it can not connect to the DNS server,  What am i missing ?

Labels:
Preview file
61 KB
0 Helpful
1 Reply 1

Nicolas Darchis
Cisco Employee
Cisco Employee

‎07-11-2011 11:31 AM

You only authorize when the source port is DNS. It's wrong.

Client sending request :

source port = dynamic

destination port = dns ports on DNS server

server replying to client :

source port=DNS port on DNS server

destination = same dynamic unpredictable port as mentioned above

so you should authorize "from any to DNS server ip and dns port" and "from DNS server ip and port to any"

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card