Thanks everyone for helping out. I think Jason's suggestion along with the
permit any/any line is probably the way to go for us. So basically, I will
have the following:
access-list 101 deny udp any 195.50.79.0 0.0.0.255 range 137 139
access-list 101 deny tcp any 195.50.79.0 0.0.0.255 range 13
Remember, the fewer lines an ACL is, the faster it is parsed, the faster
packets pass:
access-list 101 deny udp any 195.50.79.0 0.0.0.255 range 137 139
access-list 101 deny tcp any 195.50.79.0 0.0.0.255 range 137 139
--
Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
List email: [E
Hi
If you need to pass VPN traffic you will need to add permits for GRE and ESP
as well.
HTH
John Hardman CCNP MCSE+I
"John Starta" <[EMAIL PROTECTED]> wrote in message
5.0.2.1.2.20010117135118.037b0d10@popcorn">news:5.0.2.1.2.20010117135118.037b0d10@popcorn...
> Scott,
>
> The following examp
Woah! Make sure you do a permit any any first. Remember that there is an
implicit deny any at the end of your access list! There shouldn't be a
problem stopping NetBIOS at the router, a better example might look like
below.
Ex.:
access-list 101 deny udp any any eq 137
access-list 101 permit a
Scott,
The following example will block the full suite of NetBios inbound to you
(presumably 195.50.79.0/24). This is not a complete ACL -- it will be
necessary to either specifically allow the traffic you desire inbound, or
add another line to the bottom (currently commented out) permitting
5 matches
Mail list logo
