Dear Members, We have 2620 router with Fastethenet port and a Serial Interface.
1-We just want that no user traffic should directly go to router and only the traffic that is coming through Proxy Server should reach the router. 2- We want to to stop ping as no one should be able to ping us from outside network and may not chock our bandwidth. 3- We want to stop Telnet. No ne should be able to telnet it. We only want to configure router through Console Port. How can we accomplish these task? The current configuration is provided below. Thank You In Advance! Ahmad ...................................................................... ip subnet-zero ! no ip finger ! interface FastEthernet0/0 ip address x.x.x.x 255.255.255.248 secondary (Proxy IP) ip address x.x.x.x 255.255.255.240 (Gateway IP) speed 100 full-duplex ! interface Serial0/0 bandwidth 256 no ip address ip accounting output-packets encapsulation ppp shutdown no fair-queue ! interface BRI0/0 no ip address shutdown ! interface Serial0/1 bandwidth 256 ip address x.x.x.x 255.255.255.252 ip access-group 109 in encapsulation ppp no keepalive ! ip classless ip route 0.0.0.0 0.0.0.0 x.x.x.x ip route x.x.x.x 255.255.255.128 x.x.x.x (reverse path for user traffic) no ip http server ! access-list 108 permit ip x.x.x.x 0.0.0.15 any log access-list 108 permit ip host x.x.x.x any access-list 108 permit ip host x.x.x.x any access-list 109 permit icmp any any echo-reply access-list 109 deny icmp any any access-list 109 deny tcp any any eq telnet access-list 109 deny udp any any eq tftp access-list 109 permit ip any any ! line con 0 password ....... transport input none line aux 0 line vty 0 password ....... login ! End Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=43449&t=43449 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]