Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
301
Views
0
Helpful
2
Replies

Urgent Help wanted with Blocking DHCP requests - cut myself off!!

foxgold
Level 1
Level 1

‎01-07-2004 06:09 AM - edited ‎03-02-2019 12:43 PM

This relates to the previous question about blocking DHCP requests/traffic across a Cisco 2611xm router.

HELP!!!! I just applied the ACL to the two FE interfaces and I've lost my connection to the router and can't get back in!!

What I did was:

1) In interface FE0/0 typed: ip access-group 103 in

In interface FE0/1 typed: ip access-group 103 in

2) exited to Global Config mode and typed:

access-list 103 deny tcp any any eq 67 log

access-list 103 deny udp any any eq 67 log

access-list 103 deny tcp any any eq 68 log

access-list 103 deny udp any any eq 68 log

access-list 103 deny tcp any any eq 546 log

access-list 103 deny tcp any any eq 547 log

access-list 103 permit ip any any

At this point I lost my connection and I didn't even get a chance to save it with write mem.

What happened and more importantly am I taking a late night drive to fix it?

How could this drop my connection...I did exactly as yourself and some others suggested and also followed the method from my Cisco manual.

What can I do from here to get it right?

Thanks in advance

Paul

Labels:
0 Helpful
2 Replies 2

7rbowenii
Level 3
Level 3

‎01-07-2004 11:20 AM

Paul,

It looks as though you will most definitely need to reboot the router to undo the changes. However, if you are able to connect via a console port, look at what data was entered. I'd almost be willing to bet that only the first line of your acl is actually in the router. If you can get in, do a no ip access-group 103 in on both your interfaces. Then create the access list. And then reapply it to your interfaces. if you have to reboot (hopefully changes before this last one were saved.) you should be able to enter your access-list first and then apply. Don't forget your permit any any line, or you'll be hosed. I hope this helps.

-Bo

0 Helpful

foxgold
Level 1
Level 1
In response to 7rbowenii

‎01-07-2004 01:54 PM

Thanks for that. I'll have a go this morning at getting in via console port to fix it. If not > reboot time and the settings should be lost as it was not saved via write mem and copy to start config.

Cheers

Paul

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card