[c-nsp] Cisco Access List DNS redirect
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Sun Feb 12 03:40:29 EST 2006
Alexander C. Fossa <> wrote on Saturday, February 11, 2006 11:57 PM:
> Just a quick question... I'm trying to make a cisco access list do the
> following but failing miserably.
>
> Any DNS requests out of the dialer0 interface are re-addressed to a
> specific DNS server. So if the client can put whatever he wants as his
> DNS server on his local machine, but the router redirects everything
> to my DNS server.
>
> Is it possible? I've tried access lists with a route-map but not
> having any success :-(
I think you have two options:
- policy route all DNS traffic to a directly connected server who
listens to all destination IP addresses (as policy-routing will not
rewrite the IP header), so you need to do something on the
server/application side as well.
- Use SSG (which is pretty complex, I think, but I'm not very familiar
with it)
oli
More information about the cisco-nsp
mailing list