Solved: Deny specific port from/to an IP - Cisco Community

372

Views

0

Helpful

2

Replies

Hi All,

I have a network with 3 segments and a 2921 router.

172.16.5.0/24, 172.16.0.0/27 and 172.16.2.0/23 .

I wand to block all 135 TCP traffic from/to IP 172.16.5.5 to any host in other segment, but only TCP port 135 and only to the specified IP.

How will I do that?

Thanks!

1 Accepted Solution

Accepted Solutions

Here is the access-list

access-list 101 deny tcp host 172.16.5.5 eq 135 any

access-list 101 deny tcp any host 172.16.5.5 eq 135

access-list 101 permit ip any any

You can apply it in direction on port/ports which connects to the source subnets

or you can apply in out dirction on ther interface connecting to 172.16.5.5

View solution in original post

2 Replies 2

Here is the access-list

access-list 101 deny tcp host 172.16.5.5 eq 135 any

access-list 101 deny tcp any host 172.16.5.5 eq 135

access-list 101 permit ip any any

You can apply it in direction on port/ports which connects to the source subnets

or you can apply in out dirction on ther interface connecting to 172.16.5.5

Thanks a lot!

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking products for a $25 gift card