Hello All,
I'm trying to allow just a certain port to communicate between a CISCO 3600 and CISCO 1601R on a T1 point-to-point. Can anybody help, please?
Thanks,
Best thing is to create an extended ACL where you permit the ports you want and deny everything else. Just make sure you don't deny ports you actually want open.
access-list 101 permit udp any any eq <port>
access-list 101 deny ip any any
Then apply it to the interface(s):
int <if_name>
ip access-group 101 in
"ip access-group 101 out" might work better. You'll need to consider your requirements.
The "deny ip any any" isn't really needed, but I like to add it as a reminder. As soon as you create an ACL there's an implicit "deny" at the end.
Note that this will whack ALL IP traffic inbound (or outbound) for the interfaces on which it's applied. Be very careful. For instance, if you apply this to a remote router's serial i/f, you'll lose your telnet connection.
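Added example, not part of the original posts: a simplified Python model of first-match ACL evaluation, showing that the ACL above passes only the chosen UDP port and drops telnet whether or not the explicit deny line is present. The port 5000 stands in for <port> and is a constructed value; only `any any` rules with numeric `eq` ports are modelled.

```python
# Simplified model of IOS extended-ACL matching: first match wins, implicit deny at the end.
# Constructed sample: the ACL from the thread with <port> replaced by 5000.
ACL_TEXT = """\
access-list 101 permit udp any any eq 5000
access-list 101 deny ip any any
"""

def parse_acl(text):
    """Parse 'access-list N permit|deny PROTO any any [eq PORT]' lines only."""
    rules = []
    for line in text.strip().splitlines():
        tok = line.split()
        ok = (len(tok) in (6, 8) and tok[0] == "access-list"
              and tok[2] in ("permit", "deny") and tok[4:6] == ["any", "any"])
        if ok and len(tok) == 8:
            ok = tok[6] == "eq" and tok[7].isdigit()
        if not ok:
            raise ValueError(f"unsupported ACL line: {line!r}")
        port = int(tok[7]) if len(tok) == 8 else None
        rules.append((tok[2], tok[3], port))
    return rules

def evaluate(rules, proto, dst_port=None):
    """Return (action, rule_index); rule_index None means the implicit deny."""
    for i, (action, r_proto, r_port) in enumerate(rules):
        if r_proto not in ("ip", proto):
            continue  # 'ip' matches every IP protocol
        if r_port is not None and r_port != dst_port:
            continue
        return action, i
    return "deny", None

# Constructed test traffic: the wanted port, telnet management, DNS, ping.
PACKETS = [("udp", 5000), ("tcp", 23), ("udp", 53), ("icmp", None)]

def verdicts(rules):
    """Evaluate every sample packet; returns (proto, port, action, rule_index)."""
    return [(p, port, *evaluate(rules, p, port)) for p, port in PACKETS]

if __name__ == "__main__":
    full = parse_acl(ACL_TEXT)
    for label, rules in (("with explicit deny", full), ("without it", full[:1])):
        print(label)
        for proto, port, action, idx in verdicts(rules):
            hit = "implicit deny" if idx is None else f"line {idx + 1}"
            print(f"  {proto:4} dport={port!s:5} -> {action:6} ({hit})")
```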