somebody correct me if i'm wrong but from what i remember, ACLs have a "default deny" clause the moment you put them in. you have to specifically allow the traffic you want, or put a blanket approval like permit all outgoing.
hth. --vince. Andrew G. Buenaventura wrote: >I am having an extremely weird IOS problem. Everytime I add an ACL to >the router, my internal DNS server is unable to resolve external >domains. Even a single ACL line (access-list 100 permit tcp any host >XXX.XXX.XXX.XXX eq 6667) would block outgoing DNS queries. Any ideas? >My IOS version is 12.1(3). >_ >Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph >To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] > >To subscribe to the Linux Newbies' List: send "subscribe" in the body to >[EMAIL PROTECTED] > _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
