[425] in resnet
Re: Blocking ports using Cisco IOS 12.1
daemon@ATHENA.MIT.EDU (Kent Smith)
Tue Nov 20 12:08:34 2001
Message-ID: <200111201700.MAA14008@listserv.nd.edu>
Date: Tue, 20 Nov 2001 12:00:33 -0500
Reply-To: Resnet Forum <RESNET-L@listserv.nd.edu>
From: Kent Smith <resnet@DESALES.EDU>
To: RESNET-L@listserv.nd.edu
We would like to do the same port blocking. The only difference is that we
would like to do it by an individual subnet not on the whole network.
Currently our ACL for Morpheus looks like this:
remark Morpheus_MusicCity
deny tcp 147.xxx.1.0 0.0.0.255 206.142.53.0 0.0.0.255
deny tcp 147.xxx.3.0 0.0.0.255 206.142.53.0 0.0.0.255
deny tcp 147.xxx.7.0 0.0.0.255 206.142.53.0 0.0.0.255
deny tcp 147.xxx.9.0 0.0.0.255 206.142.53.0 0.0.0.255
What would be the best way to incorporate a port block into this
configuration?
Thanks
Kent Smith
On Tue, 20 Nov 2001 11:21:14 -0500, Denise Christenson <christen@USNA.EDU>
wrote:
>You need to use an extended access list and try using these lines:
>You will need to apply the access list to whichever interfaces are
appropriate. (Inbound/Outbound, etc.)
>access-list 101 deny tcp any any eq 1214
>access-list 101 deny udp any any eq 1214
>access-list 101 permit ip any any
>
>>>> jack555@INTHECREASE.NET 11/20/01 11:06AM >>>
>We are having a hard time blocking Kazza and Morpheus by just denying their
>IP address. We would like to block port 1214 but we can't figure out how
to
>do this. We have a Cisco 7200 series router with Cisco IOS 12.1 running on
>it. Does any one have any experience with port blocking on a Cisco router?
>
>Thank You
>Jack Mason
>
>___________________________________________________
>You are subscribed to the ResNet-L mailing list.
>
>To subscribe, unsubscribe or search the archives,
>go to http://LISTSERV.ND.EDU/archives/resnet-l.html
>___________________________________________________
>
>___________________________________________________
>You are subscribed to the ResNet-L mailing list.
>
>To subscribe, unsubscribe or search the archives,
>go to http://LISTSERV.ND.EDU/archives/resnet-l.html
>___________________________________________________
___________________________________________________
You are subscribed to the ResNet-L mailing list.
To subscribe, unsubscribe or search the archives,
go to http://LISTSERV.ND.EDU/archives/resnet-l.html
___________________________________________________
