Solved

Dan you use DNS entries in Pix Access Control Lists?

Posted on 2007-11-15
1
265 Views
Last Modified: 2010-04-09
Folks, hopefully this is an easy one.  
We have a Pix that we are trying to limit outside web browsing to a few web sites.  I can set up the ACL with no issues and it works with no complaints.  Then the web site address changed and no access to the web site.

Is there a way to list just the DNS name of the web site in the ACL and have the Pix box do the DNS resolution on it's own?  It would save a tremdous amount of  time instead of listing the IP addresses of the web sites (Yahoo Maps happens to be one of the sites we are constantly changing).

0
Comment
Question by:Sean_E_Smith
1 Comment
 
LVL 36

Accepted Solution

by:
grblades earned 125 total points
ID: 20289092
No you cannot do that.

The PIX does support products like Websense which can be used to filter on a URL basis.

The way I do it is to force everyone to use a central proxy server and then only allow the proxy to access websites. You can then do all the URL filter on the proxy server.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco 2960 port led all amber 5 72
Cisco wireless network - guest wlan seems to ask for reauthentication too often 12 64
Cisco Prime and Maps 3 32
The purpose of using BGP 33 69
This is about downgrading PIX Version 8.0(4) & ASDM 6.1(5) to PIX 7.2(4) and ASDM 5.2(4) but with only 64MB RAM and 16MB flash. Background: You have a Cisco Pix 515E which was running on PIX 7.2(4) and its supporting ASDM 5.2(4) without any i…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
A short film showing how OnPage and Connectwise integration works.
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now