Cisco Cisco Clean Access 3.5
8-11
Cisco Clean Access Manager Installation and Administration Guide
OL-7044-01
Chapter 8 User Management: Traffic Control, Bandwidth, Schedule
Add Global Host-Based Traffic Policies
View IP Addresses Used by DNS Hosts
You can view the IP addresses used for the DNS host when clients connect to the host to update their
systems. Note that these IP addresses are viewed per Clean Access Server from the CAS management
pages.
systems. Note that these IP addresses are viewed per Clean Access Server from the CAS management
pages.
1.
Go to Device Management > CCA Servers > Manage [CAS_IP] > Filter > Roles > Allowed
Hosts.
Hosts.
2.
To view all IP addresses for DNS hosts accessed across all roles, click the View Current IP
addresses for All Roles at the top of the page.
addresses for All Roles at the top of the page.
3.
To view the IP addresses for DNS hosts accessed by clients in a specific role, click the View Current
IP addresses link next to the desired role.
IP addresses link next to the desired role.
4.
The IP Address, Host Name, and Expire Time will display for each IP address accessed. Note that
the Expire Time is based on the DNS reply TTL. When the IP address for the DNS host reaches the
Expire Time, it becomes invalid.
the Expire Time is based on the DNS reply TTL. When the IP address for the DNS host reaches the
Expire Time, it becomes invalid.
Figure 8-8
View Current IP Addresses for All Roles
Tip
To troubleshoot host-based policy access, try performing an
ipconfig /flushdns
from a command
prompt of the test client machine. Cisco Clean Access needs to see DNS responses before putting
corresponding IP addresses on the allow list.
corresponding IP addresses on the allow list.