Trouble in BLocking Ports

nanduriks
Level 1

Hi friends,

We have 3 subnets in our office, configured as secondary interfaces on the router. Our servers are spread across these 3 subnets. Say if I block a port on a server sitting in subnet A through an access list, and run a port scan from any node on subnet A, the port is not blocked, as the router will not come into the picture for communication between systems on the same subnet. Whereas if I scan a server in subnet B, it shows the port blocked, as I must go through the router to access the secondary subnet and it gets filtered by the access list.

Request a solution for this problem.

3 Replies

lgijssel
Level 9

This is not a "problem". This is how it works. When you want to filter traffic to/from your servers, move them to a separate subnet so that all server traffic has to pass the router. This might have an impact on your performance, depending on the hardware you are using.

Dear iggi,

Any workaround other than shifting the servers into a single subnet?

Hi

Yes, you can use a function in Cisco switches called port protected.

This will force all L2 traffic on ports configured with this to be pushed down to your router and sent with L3.

You can read about configuring this on 3500 switches here:

http://www.cisco.com/en/US/products/hw/switches/ps637/products_configuration_guide_chapter09186a008007e838.html#xtocid17

/Regards Jonas
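As an added illustration that is not from any poster in this thread, the configuration below shows the setup from the question (one router interface carrying three subnets as secondary addresses, with an ACL) next to the protected-port fix from Jonas's reply; hostnames, addresses, VLAN and port numbers are assumed, and the addresses are documentation ranges, not the office's real ones. Two caveats a practitioner would want: protected ports only stop L2 traffic between protected ports on the same switch, so every server port must be marked protected while the router uplink stays unprotected; and since the servers' ARP requests no longer reach each other, the router has to answer ARP on behalf of local hosts (`ip local-proxy-arp`) for same-subnet traffic to be routed, and therefore filtered, at all. The switch side uses the `switchport protected` syntax of later Catalyst IOS; the 3500XL guide linked above uses `port protected` at interface level.

```cisco
! --- Router (assumed name R1): three subnets on one interface, as in the question ---
! Subnet A 192.0.2.0/24, subnet B 198.51.100.0/24, subnet C 203.0.113.0/24 (assumed).
ip access-list extended SERVER-FILTER
 ! example rule: block TCP/3389 to the server at 192.0.2.10 from anywhere, allow the rest
 deny   tcp any host 192.0.2.10 eq 3389
 permit ip any any
!
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 ip address 198.51.100.1 255.255.255.0 secondary
 ip address 203.0.113.1 255.255.255.0 secondary
 ! answer ARP for hosts on the local subnet: with protected ports the servers cannot
 ! ARP each other, so their traffic is sent to the router and hits the ACL below
 ip local-proxy-arp
 ip access-group SERVER-FILTER in
!
! --- Switch (assumed name SW1): servers on protected ports, uplink left unprotected ---
! Repeat the protected block for every port that carries a server.
interface FastEthernet0/1
 description server 192.0.2.10 (subnet A)
 switchport mode access
 switchport access vlan 10
 switchport protected
!
interface FastEthernet0/2
 description server 192.0.2.20 (subnet A), scan source in the question
 switchport mode access
 switchport access vlan 10
 switchport protected
!
interface GigabitEthernet0/1
 description uplink to R1 Fa0/0, NOT protected so servers can still reach the router
 switchport mode access
 switchport access vlan 10
!
! Checks from privileged EXEC (assumed, abbreviated output):
!   show interfaces FastEthernet0/1 switchport   -> shows "Protected: true"
!   show ip access-lists SERVER-FILTER           -> deny counter rises when 192.0.2.20 scans 192.0.2.10:3389
```

If the servers are spread over several switches, protected ports do not help between switches, and lgijssel's suggestion of a separate server subnet behind the router is the simpler design.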