Hi,
I am very new to Cisco Access lists, and I am trying the following:
enable
config term
interface s0
ip access-group MyList in
ip access-list extended MyList
deny ip any host 216.179.143.249
deny tcp any any eq 137
deny udp any any eq netbios-ns
deny tcp any any eq 138
deny udp any any eq netbios-dgm
deny tcp any any eq 139
deny udp any any eq netbios-ss
permit ip any any
exit
What I am trying to accomplish is to deny any access to NetBIOS, and that works. But as you can see in the beginning of the commands, I am also trying to get rid of this server at 216.179.143.249 (a Nimda-infected server that has still not been fixed), trying to deny any access to that IP. But it doesn't work??? My firewall still displays the message that access to IP 216.179.143.249 was blocked (which means it got beyond the router).
What am I doing wrong?
(I am sure it's something very simple... let me know where I can get a good start on learning Cisco Access List configuration, maybe a good online tutorial...)
Thanks,
DrTebi
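
Added example, not part of the original post: a simplified Python model of first-match evaluation for MyList as posted, using the extended ACL field order (source first, then destination). It assumes s0 faces the Internet; the 192.0.2.10 and 198.51.100.7 addresses, the sample packets and the source_side_acl variant are constructed for illustration.

```python
# Added example: simplified first-match model of an IOS extended ACL.
from collections import namedtuple

Packet = namedtuple("Packet", "proto src dst dport")
# Field order mirrors IOS: action, protocol, source, destination, dest port.
Rule = namedtuple("Rule", "action proto src dst dport")

NIMDA = "216.179.143.249"  # address from the post

def posted_acl():
    """MyList as posted: the host entry sits in the destination position."""
    rules = [Rule("deny", "ip", "any", NIMDA, None)]
    for port in (137, 138, 139):  # netbios-ns, netbios-dgm, netbios-ss
        rules.append(Rule("deny", "tcp", "any", "any", port))
        rules.append(Rule("deny", "udp", "any", "any", port))
    rules.append(Rule("permit", "ip", "any", "any", None))
    return rules

def source_side_acl():
    """Hypothetical variant: same list with the host in the source position."""
    rules = posted_acl()
    rules[0] = Rule("deny", "ip", NIMDA, "any", None)
    return rules

def _addr_ok(spec, addr):
    return spec == "any" or spec == addr

def evaluate(rules, pkt):
    """Return (action, 1-based index of the matching rule); first match wins."""
    for i, r in enumerate(rules, 1):
        if r.proto != "ip" and r.proto != pkt.proto:
            continue
        if not (_addr_ok(r.src, pkt.src) and _addr_ok(r.dst, pkt.dst)):
            continue
        if r.dport is not None and r.dport != pkt.dport:
            continue
        return r.action, i
    return "deny", 0  # implicit deny that ends every ACL

# Constructed packets as seen inbound on s0.
from_nimda = Packet("tcp", NIMDA, "192.0.2.10", 80)
to_nimda = Packet("tcp", "192.0.2.10", NIMDA, 80)
netbios = Packet("udp", "198.51.100.7", "192.0.2.10", 137)

if __name__ == "__main__":
    for name, acl in (("posted", posted_acl()), ("source-side", source_side_acl())):
        for label, p in (("from", from_nimda), ("to", to_nimda), ("netbios", netbios)):
            print(name, label, evaluate(acl, p))
```

In this model a packet sourced from 216.179.143.249 misses the first entry of the posted list and reaches the final permit, while the NetBIOS entries match as the post reports.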