Hello,
I use access list to close port on entry from internet but when I scan the port from internet, the port is still open (for instance 53 or domain). Does someone have any idea?
I have a Cisco 1921 router on iOS 15.3
Here is a part of my configuration :
interface Dialer1
mtu 1492
ip address negotiated
ip access-group RESTRICT_ENTRY_INTERNET in
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp chap hostname xxxxxxxxxx
ppp chap password 0 xxxxxxxxxxxxxx
ppp pap sent-username xxxxxx password 0 xxxxxx
!
ip access-list extended RESTRICT_ENTRY_INTERNET
deny tcp any any eq telnet
deny tcp any any eq 22
deny tcp any any eq www
deny tcp any any eq 443
permit ip any any
deny tcp any any eq domain