Hi again,

I tried blocking it going out the router with an ACL but
didn't succeed. I think this is because you can only
apply MAC-address ACLs to certain objects (bridge
groups, etc.) and my lab setup isn't set up right to
really see if this works.

CDP uses 01000C-CCCCCC, which is a multicast MAC.

Below is the config I threw together which wasn't
working from sniffer traces I was doing on my Ethernet
segment. As others have said, disable CDP on the
interface (no cdp enable) so the information isn't
advertised. Lots of useful information can be learned
from sniffing a segment and looking at CDP packet
entries :)

interface Ethernet0
 ip address 192.168.1.2 255.255.255.0
 bridge-group 1
 bridge-group 1 output-address-list 701
!   

access-list 701 deny 0000.0000.0000 0100.0ccc.cccc
(I reversed this and also tried extended)

--- Aaron Prather <[EMAIL PROTECTED]> wrote:
> If you can, what protocol does it use? UDP? I know
> it's a protocol in
> itself, but can this be done? What port number?
> 
> Thanks guys,
> 
> Aaron
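
Added example, not part of the original post or of any Cisco code: a small parser showing what anyone on the segment can read from one CDP frame, which is why the advice above is to turn CDP off on interfaces that do not need it. It assumes the standard CDP framing (802.3 with LLC/SNAP, Cisco OUI 00-00-0C, protocol ID 0x2000, so no UDP and no port number); the function names and the sample frame are constructed for illustration.

```python
import struct

CDP_DST = bytes.fromhex("01000ccccccc")        # multicast MAC from the post
CDP_SNAP = bytes.fromhex("aaaa0300000c2000")   # LLC/SNAP, Cisco OUI, PID 0x2000
TLV_NAMES = {1: "device_id", 3: "port_id", 5: "software_version", 6: "platform"}

def parse_cdp(frame):
    """Return the text TLVs of a CDP frame, or None if it is not CDP."""
    if len(frame) < 26 or frame[:6] != CDP_DST or frame[14:22] != CDP_SNAP:
        return None
    # The 802.3 length field bounds the payload; anything after it is padding.
    end = min(len(frame), 14 + struct.unpack_from("!H", frame, 12)[0])
    fields = {"version": frame[22], "ttl": frame[23]}
    pos = 26                                   # skip version, TTL, checksum
    while pos + 4 <= end:
        tlv_type, tlv_len = struct.unpack_from("!HH", frame, pos)
        if tlv_len < 4 or pos + tlv_len > end:
            break                              # malformed or truncated TLV
        name = TLV_NAMES.get(tlv_type)
        if name:
            fields[name] = frame[pos + 4:pos + tlv_len].decode("ascii", "replace")
        pos += tlv_len
    return fields

def build_sample():
    """Constructed frame for the demo, not a real capture."""
    def tlv(tlv_type, text):
        return struct.pack("!HH", tlv_type, 4 + len(text)) + text.encode()
    body = bytes([2, 180]) + b"\x00\x00"       # version 2, TTL 180, checksum unset
    body += tlv(1, "lab-rtr1") + tlv(5, "IOS (constructed sample)")
    body += tlv(6, "cisco 2501") + tlv(3, "Ethernet0")
    payload = CDP_SNAP + body
    src = bytes.fromhex("00000c123456")        # constructed source MAC
    return CDP_DST + src + struct.pack("!H", len(payload)) + payload

if __name__ == "__main__":
    for key, value in parse_cdp(build_sample()).items():
        print(f"{key}: {value}")
```

Run against frames from your own capture, an empty result on a user-facing segment is what you want to see after `no cdp enable` is applied.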

