Woah! Make sure you do a permit any any first. Remember that there is an
implicit deny any at the end of your access list! There shouldn't be a
problem stopping NetBIOS at the router, a better example might look like
below.
Ex.:
access-list 101 deny udp any any eq 137
access-list 101 permit any any
HTH,
Evan
-----Original Message-----
From: Scott S. [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 17, 2001 1:36 PM
To: [EMAIL PROTECTED]
Subject: Access Lists on a Cisco 7200
Our WatchGuard FireBox seems to be getting overloaded by the number of
NetBios packets it is denying. We are thinking that it might be a good idea
of blocking these at our router instead. It is a Cisco 7200 with a pretty
light load. Does this sound like a sensible idea? If so I was thinking the
following rule would be appropriate:
access-list 101 deny any 195.50.79.0 eq 137
Is this correct, or am I way off?
Thanks in advance for any replies.
Sincerely,
Scott
_________________________________
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
