Enable DNS Lookup on the Cisco PIX/ASA

KB ID 0000029 

Problem

You need the ASA to be able to resolve external hostnames.

Note: You need at least version 8.2(2) before you can use a DNS name in an access-list.

Solution

Note: In this example I’m using 122.122.122.199 and 122.122.122.198 (yes, they cannot exist!) as the external DNS addresses; substitute your own.

1. From enable mode, enter configure terminal mode, then enable DNS lookups on the outside interface.

CiscoASA# conf terminal
CiscoASA(config)# dns domain-lookup outside

2. Then specify the external DNS Servers (Change IP addresses appropriately).

CiscoASA(config)# dns server-group DefaultDNS
CiscoASA(config-dns-server-group)# name-server 122.122.122.199
CiscoASA(config-dns-server-group)# name-server 122.122.122.198
CiscoASA(config-dns-server-group)# exit

3. Test it by pinging a name/URL.

CiscoASA(config)# ping www.petenetlive.com
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 123.123.123.123, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 70/84/110 ms
CiscoASA(config)#
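
The ping only proves that some resolver answered. The firewall trusts whatever servers are listed in the server group, so the saved configuration is worth checking against the resolvers you intended. The script below is an added example, not part of the original article: `parse_dns` and `audit_dns` are hypothetical names, the sample text is constructed from the commands in steps 1 and 2, and it assumes the configuration is supplied as text with sub-commands indented by a leading space.

```python
import ipaddress
import re

# Constructed sample: the DNS lines that steps 1 and 2 add to the configuration.
SAMPLE_CONFIG = """\
dns domain-lookup outside
dns server-group DefaultDNS
 name-server 122.122.122.199
 name-server 122.122.122.198
"""

def parse_dns(config):
    """Return (lookup_interfaces, {server_group: [name-server addresses]})."""
    interfaces, groups, current = [], {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not raw[0].isspace():
            current = None  # any top-level command closes the server-group block
            m = re.fullmatch(r"dns domain-lookup (\S+)", line)
            if m:
                interfaces.append(m.group(1))
            m = re.fullmatch(r"dns server-group (\S+)", line)
            if m:
                current = m.group(1)
                groups.setdefault(current, [])
        elif current and line.startswith("name-server "):
            for tok in line.split()[1:]:
                try:
                    groups[current].append(str(ipaddress.ip_address(tok)))
                except ValueError:
                    pass  # assumption: a non-address token is an interface name
    return interfaces, groups

def audit_dns(config, approved, group="DefaultDNS"):
    """Return a list of findings; an empty list means the DNS settings are as expected."""
    interfaces, groups = parse_dns(config)
    findings = []
    if not interfaces:
        findings.append("no 'dns domain-lookup' interface: names will not resolve")
    servers = groups.get(group, [])
    if not servers:
        findings.append(f"server-group {group} has no name-server")
    for ip in servers:
        if ip not in approved:
            findings.append(f"name-server {ip} is not an approved resolver")
    return findings
```

Call `audit_dns(config_text, approved_set)` with your own list of approved resolver addresses; any finding it returns names the line to review.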


Author: Migrated
