Allow DNS lookups with Cisco ACL
Posted on 2006-11-20
I currently use ACLs on my Cisco 2600 series router to block as much of what I don't want as possible. The lines that pertain to my web server are:
access-list 116 permit tcp any host <my web IP> eq www
access-list 116 permit tcp any host <my web IP> eq 443
...followed by a "deny all" at the end.
Now, however, I need to allow this web server to access a few other web sites, and it appears that my only issue is that I can't get results from my ISP's DNS server. I thought this line should do it:
access-list 116 permit udp any host <my web IP> eq domain
I can access a site by using a specific IP address, but I still can't resolve any domain names. How do I allow DNS with ACLs?
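Added example, not part of the original post: a small Python model of first-match ACL evaluation run over the three entries above, showing that "eq domain" placed after the destination tests the destination port, while a resolver's reply carries port 53 as its source port. It assumes access-list 116 is applied inbound on the outside interface; the addresses are constructed placeholders and the Rule/Packet names are hypothetical.

```python
# Minimal model of first-match evaluation for Cisco extended ACL entries
# (protocol, source port, destination host, destination port only).
from collections import namedtuple

WEB = "192.0.2.10"      # constructed placeholder for <my web IP>
DNS = "198.51.100.53"   # constructed placeholder for the ISP resolver

Packet = namedtuple("Packet", "proto src sport dst dport")
# Rule fields: None means "any"; sport/dport correspond to an "eq" written
# after the source or after the destination address in the ACL line.
Rule = namedtuple("Rule", "proto sport dst dport")

def matches(rule, pkt):
    return (rule.proto == pkt.proto
            and rule.sport in (None, pkt.sport)
            and rule.dst in (None, pkt.dst)
            and rule.dport in (None, pkt.dport))

def evaluate(acl, pkt):
    """Return 'permit' on the first matching entry, else the final deny."""
    for rule in acl:
        if matches(rule, pkt):
            return "permit"
    return "deny"

# The three entries from the post (all are permits).
ACL_AS_POSTED = [
    Rule("tcp", None, WEB, 80),   # permit tcp any host WEB eq www
    Rule("tcp", None, WEB, 443),  # permit tcp any host WEB eq 443
    Rule("udp", None, WEB, 53),   # permit udp any host WEB eq domain
]
# Same list with the port test moved to the source side:
#   access-list 116 permit udp any eq domain host <my web IP>
ACL_SOURCE_PORT = ACL_AS_POSTED[:2] + [Rule("udp", 53, WEB, None)]

# A resolver's answer: source port 53, destination = client's ephemeral port.
dns_reply = Packet("udp", DNS, 53, WEB, 49152)
# An inbound query aimed at the web server's own port 53.
dns_query_in = Packet("udp", "203.0.113.7", 40000, WEB, 53)

def demo():
    return {
        "posted/reply": evaluate(ACL_AS_POSTED, dns_reply),
        "posted/query": evaluate(ACL_AS_POSTED, dns_query_in),
        "source-port/reply": evaluate(ACL_SOURCE_PORT, dns_reply),
        "source-port/query": evaluate(ACL_SOURCE_PORT, dns_query_in),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

In the source-port form, writing "host <ISP DNS IP>" in place of "any" narrows the entry to the resolver actually in use, since "any eq domain" admits UDP from any address that uses source port 53.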