How to Use Fully Qualified Domain Names in an Extended Access-List

A router can use an FQDN in an access-list for network traffic control.

A fully qualified domain name (FQDN) is a name that specifies the exact location of a server or host in the hierarchy of the Domain Name System (DNS). For example, yahoo.com is a fully qualified domain name. It identifies the server, which DNS maps to an Internet Protocol (IP) address. An access-list is a filter that routers use to permit or deny traffic entering or exiting a network. If you design an extended access-list, you can specify various items to use as filtering criteria, such as the source or destination address, or the FQDN.

Instructions

    1. Click "Start > All Programs" and click the router connection program. This lets you connect to the router. When the router screen appears, type "enable" (without quotes) to enter privileged mode.

    2. Type the command "configure terminal" (without quotes) to enter configuration mode on the router. Type the access-list command "ip access-list extended Ename-in-and-out.com" (without quotes). This creates the access-list with the FQDN Ename-in-and-out.com.

    3. Type the command "interface Ethernet0/0" (without quotes). This puts you into interface mode. The interface is the physical port that will direct network traffic. Next, type the command "ip address 10.10.10.1 255.255.255.0" (without quotes) to configure the Ethernet port with its own IP address. Finally, type "ip access-group Ename-in-and-out.com in permit tcp host 10.10.10.2" (without quotes). The interface command identifies the location (Ethernet0/0) where the access-list will reside, and the final command adds the FQDN portion to allow (permit) traffic into the network.
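The three steps as one Cisco IOS session, given here as an added example rather than text from the original article. IOS takes the permit entry in access-list configuration mode and the access-group binding in interface mode as separate commands, so they are split that way here. The destination "any" is an assumption, since the article gives only the source host.

```cisco
! Added example. Assumption: destination "any" (the article names only the source).
enable
configure terminal
!
! Step 2: create the named extended access-list and enter its permit entry.
! The name is a label; matching is done on the addresses in the entries.
! Every access-list ends with an implicit "deny ip any any", so once this
! list is applied inbound, traffic from any other source on the segment
! is dropped, including non-TCP traffic from 10.10.10.2.
ip access-list extended Ename-in-and-out.com
 permit tcp host 10.10.10.2 any
 exit
!
! Step 3: address the interface and bind the access-list to inbound traffic.
interface Ethernet0/0
 ip address 10.10.10.1 255.255.255.0
 ip access-group Ename-in-and-out.com in
 end
!
! Check the entry and its match counter, then confirm the interface binding
! ("Inbound access list is Ename-in-and-out.com").
show access-lists Ename-in-and-out.com
show ip interface Ethernet0/0
```

If the session reaches the router through Ethernet0/0 from a host other than 10.10.10.2, the implicit deny cuts it off as soon as the access-group line is entered, so apply the list from a console connection or from the permitted host.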
