Cisco ASA - Permit/Deny Traffic Domain name FQDN
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Cisco ASA - Permit/Deny Traffic Domain name FQDN相关的知识,希望对你有一定的参考价值。
refer to:https://www.fir3net.com/Firewalls/Cisco/cisco-asa-domain-fqdn-based-acls.html
dns domain-lookup outside
DNS server-group China_Telecom_SH_DNS
name-server 202.96.209.133 202.96.209.5
domain-name Oneitc.local
object network obj-i1.mallcoo.cn
fqdn i1.mallcoo.cnno access-list 200 extended permit ip object-group Reception-Desktop-with-liminatioin object-group Mallcoo-Server log
no access-list 200 extended deny ip object-group Reception-Desktop-with-liminatioin any log
no access-list 200 extended permit ip any any log
access-list 200 extended permit ip object-group Reception-Desktop-with-liminatioin object obj-i1.mallcoo.cn
access-list 200 extended permit ip object-group Reception-Desktop-with-liminatioin object-group Mallcoo-Server log
access-list 200 extended deny ip object-group Reception-Desktop-with-liminatioin any log sh access-list acl-inside
sh dns
dns expire-entry-timer minutes <minute>以上是关于Cisco ASA - Permit/Deny Traffic Domain name FQDN的主要内容,如果未能解决你的问题,请参考以下文章