I’ve got a Cisco 806 Broadband Router running IOS 12.2 with the Firewall Feature set. The router is connected to DSL line.
Here is the problem. I have connectivity out to the Net and can ping IP addresses, but the router can’t (won’t?) resolve domain names.
As you will see from my configuration below (shortened to get under the TR character limit, but the important stuff is there), nameservers are defined. However, when I try to ping a FQDN, it references the DNS server, and it seems to be submitting the resolution request to the DNS. In spite of this, it can’t resolve the name. I get an error saying the domain was not found or the protocol is not running.
I’ve turned on debug for DNS, but it only tells me that the request is timing out.
From what I can tell, the configuration is correct. Unfortunately I cannot post the whole thing here because of the T/R character limit, but the access list I am using is below. In any event, I have tried removing the access-list entirelyand it has not changed anything.
I know it is not the line or the DSL gateway, because if I connect a Netgear DSL router, everything is just fine.
Anybody have any ideas?
access-list 111 permit tcp any any eq www
access-list 111 permit icmp any any administratively-prohibited
access-list 111 permit icmp any any echo
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any packet-too-big
access-list 111 permit icmp any any time-exceeded
access-list 111 permit icmp any any traceroute
access-list 111 permit icmp any any unreachable
access-list 111 permit udp any eq bootps any eq bootpc
access-list 111 permit udp any eq bootps any eq bootps
access-list 111 permit udp any eq domain any
access-list 111 permit esp any any
access-list 111 permit udp any any eq isakmp
access-list 111 deny ip any any
