query regarding ACL

pavan.kumar · ‎06-02-2004

Hi,

why we added this ACL in our uplink filters

deny 11 any any . This was applied on all customer

interfaces .ours is cisco 3660 with 12.2(23)

please clarify.

Regds

VKSP

dandaluz · ‎06-04-2004

Hi,

Can you copy paste the exact output? What you have posted does not say much.

Danny

pavan.kumar · ‎06-07-2004

Hi Danny ,Thanks for your reply .Below is the filter i have seen in my router ,which was applied for a customers uplink filter.Please explain .

ip access-list extended BSSL-UPLINK-FILTER-07-10-03

deny 11 any any

deny 53 any any

deny 55 any any

deny 77 any any

deny pim any any

regards

VKSP

dandaluz · ‎06-07-2004

VKSP,

This filter is blocking IP Protocol numbers 11, 53, 55 and 77 as well as PIM for MC. Take a look at the below link. It gives a listing of the protocol numbers and what they are.

http://support.microsoft.com/default.aspx?kbid=289892

Regards,

Danny

pavan.kumar · ‎06-07-2004

Hi Danny , My objective is to know "what is the purpose of blocking those protocols " in the filter of access-list.

Regards

VKSP

jodilovell · ‎06-28-2004

I looked for ages for this and finally found it:

http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

That'll explain why these protocols are blocked.