Solved

Dan you use DNS entries in Pix Access Control Lists?

Posted on 2007-11-15
1
268 Views
Last Modified: 2010-04-09
Folks, hopefully this is an easy one.  
We have a Pix that we are trying to limit outside web browsing to a few web sites.  I can set up the ACL with no issues and it works with no complaints.  Then the web site address changed and no access to the web site.

Is there a way to list just the DNS name of the web site in the ACL and have the Pix box do the DNS resolution on it's own?  It would save a tremdous amount of  time instead of listing the IP addresses of the web sites (Yahoo Maps happens to be one of the sites we are constantly changing).

0
Comment
Question by:Sean_E_Smith
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 36

Accepted Solution

by:
grblades earned 125 total points
ID: 20289092
No you cannot do that.

The PIX does support products like Websense which can be used to filter on a URL basis.

The way I do it is to force everyone to use a central proxy server and then only allow the proxy to access websites. You can then do all the URL filter on the proxy server.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Overview The Cisco PIX 501, PIX 506e, ASA 5505 and ASA 5510 (most if not all of this information will be relevant to the PIX 515e but I do not have a working configuration handy to verify the validity) are primarily used within small to medium busi…
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question