10-08-2012 05:05 AM - edited 03-07-2019 09:20 AM
Hi All,
I have a network with 3 segments and a 2921 router.
172.16.5.0/24, 172.16.0.0/27 and 172.16.2.0/23 .
I wand to block all 135 TCP traffic from/to IP 172.16.5.5 to any host in other segment, but only TCP port 135 and only to the specified IP.
How will I do that?
Thanks!
Solved! Go to Solution.
10-08-2012 05:17 AM
Here is the access-list
access-list 101 deny tcp host 172.16.5.5 eq 135 any
access-list 101 deny tcp any host 172.16.5.5 eq 135
access-list 101 permit ip any any
You can apply it in direction on port/ports which connects to the source subnets
or you can apply in out dirction on ther interface connecting to 172.16.5.5
10-08-2012 05:17 AM
Here is the access-list
access-list 101 deny tcp host 172.16.5.5 eq 135 any
access-list 101 deny tcp any host 172.16.5.5 eq 135
access-list 101 permit ip any any
You can apply it in direction on port/ports which connects to the source subnets
or you can apply in out dirction on ther interface connecting to 172.16.5.5
10-08-2012 11:18 PM
Thanks a lot!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide