Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
770
Views
0
Helpful
1
Replies

no ICQ/IM

dkuo
Level 1
Level 1

‎12-07-2000 10:56 AM - edited ‎03-08-2019 07:52 PM

Our network has a T1 line going to the Internet. Our Cisco 2601 router has NAT configured. Our email server is Exchange5.5.

How do I stop ICQ or IM from getting in our LAN?

Appreciate the help!

Labels:
0 Helpful
1 Reply 1

rbharania
Level 1
Level 1

‎12-09-2000 10:26 AM

Hmm... well, you had not mentioned any sort of a firewall on your network, but such a device is the logical place for enforcing your policy.

ICQ: Clients log into login.icq.com using

5190 TCP. Client to client communication just uses random high (gt 1024) TCP ports. My guess is that if you block 5190 to the login servers, you break ICQ.

(since doing the latter is perhaps more impractical)

Unfortunatly, I wasn't able to find port informtion from AOL as to what IM uses - their homepage for IM has no instructions for firewalling. My suggestion in lieu of this is to just find out what IM is using using your router...

For example, create an ACL for one host that you'll use as a test subject and then do a debug ip packet and then fire up IM on that one host - and

see what you get on your debug output.

You should really only do this if you feel comfortable with the debug functions of IOS - if

used improperly, it could have quite the negative impact on your router.

-Rakesh

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents