How to block DNS request from inside host with ASA 5505

http://serverfault.com – This seemed simple enough, but I have to be missing something. I have the following config to block all DNS requests from the inside that are not going to the allowed external DNS server.

    access-list INSIDE-ACCESS-OUT extended permit udp any object open-dns1 eq domain
    access-list INSIDE-ACCESS-OUT extended permit udp any object open-dns2 eq domain
    access-list INSIDE-ACCESS-OUT extended permit tcp any object open-dns1 eq domain
    access-list INSIDE-ACCESS-OUT extended permit tcp any object open-dns2 eq domain
    access-list INSIDE-ACCESS-OUT extended deny udp any any eq domain
    access-list INSIDE-ACCE