05-09-2015 02:05 AM - edited 03-07-2019 11:56 PM
05-09-2015 04:05 AM
Add the following line to your ACL and DHCP should work:
ip access-list extended Block_Facebook 1 permit udp any eq bootpc any eq bootps
05-09-2015 04:24 AM
Hi,
You blocked DHCP discover packet with your current ACL, Discover packet has sender IP of 0.0.0.0 (port 68) and destination IP of 255.255.255.255 (port67) which is being blocked by this ACL. Adding line
permit udp any eq 68 host 255.255.255.255 eq 67
can solve your problem. (There are other possibilities for allow DHCP in ACLs)
Anyway, why u did not use "name-server" to simplify ur ACL with only 1 line to block facebook?
HTH,
Houtan
05-09-2015 04:05 AM
Add the following line to your ACL and DHCP should work:
ip access-list extended Block_Facebook 1 permit udp any eq bootpc any eq bootps
05-09-2015 04:30 AM
Thank You guys you helped me alot :D
05-09-2015 04:24 AM
Hi,
You blocked DHCP discover packet with your current ACL, Discover packet has sender IP of 0.0.0.0 (port 68) and destination IP of 255.255.255.255 (port67) which is being blocked by this ACL. Adding line
permit udp any eq 68 host 255.255.255.255 eq 67
can solve your problem. (There are other possibilities for allow DHCP in ACLs)
Anyway, why u did not use "name-server" to simplify ur ACL with only 1 line to block facebook?
HTH,
Houtan
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: