Date: Mon, 19 Jul 1999 17:34:32 -0600 (CST) From: Theodore Hope <freebsd@iguana.internexo.co.cr> To: denp@acnet.net (Ivan Villalobos) Cc: freebsd-questions@FreeBSD.ORG Subject: Re: FreeBSD + Cisco Access Lists Message-ID: <199907192334.RAA27900@iguana.internexo.co.cr> In-Reply-To: <4.1.19990719175537.009b7900@mailmtx.acnet.net> from "Ivan Villalobos" at Jul 19, 99 06:02:04 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> When we put an access list on a cisco router, blocking all incoming ICMP > traffic to the FreeBSD server, the server (a DNS server) is not able to > resolve any name, when we take the access list out, it works. It would > appear at first glance that there is a problem in the access list, but the > other DNS server, running Solaris x86 2.6 work just fine, same access list. > What is more, this FreeBSD installation is replacing an old Solaris x86 > server, that worked just fine with the same access list. Sounds like you're not only blocking ICMP but also UDP, which DNS uses. Check your lists again. Remember that when you do certain deny/allow things on Cisco lists, you may also implicitly be deny'ing other traffic (such as UDP). But that's Cisco stuff, so it's way off-topic ;-) Good luck. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907192334.RAA27900>