Filtering a specific IP address

[Narboule]

I'm pretty new to router configuration and have blocked certain ports on my Cisco 3620 for my entire network.

I now need to block a specific IP address from using port 5190 on tcp and udp. What subnet mask do I use in the filter?

Thanks.

 

[fmonteiro]

I do not know why you are not receiving the log messages. Try the following:
term monitor
conf t
logging buffered
exit
sh log

Does the %SYS-5-CONFIG_I message appears?

The in is for incoming. The point is if the user is unable to send the message it is not going to receive a response so, in this case, you do not need to check from the Internet. If the traffic could originate in the Internet you need to check in this direction also.

I have a very good introductory material for access-list in an PDF file if you want it.

 

[Narboule]

I did what you said, and when I typed "sh log", I got the %SYS-5-CONFIG_I message and the following:

%SEC-6-IPACCESSLOGP: list 130 denied tcp <IP1> (3140) -> <IPRemote> (5190), 1 packet

I am interested in the PDF file you have for access-lists. Can I download it somewhere?

 

[fmonteiro]

I really I do not know why you do not receive the messages in the console (term monitor) and perhaps somebody could help with this. I must be missing something. Fortunately the messages were buffered.
Well, it shows us that tcp is the used protocol and also shows the ports. With this you may delete the udp filter, since it is not necessary.
Now everything looks fine for me. The log is a good tool to debug access-lists.
About the PDF file I am sorry but I do not know where to download it from.
Is there anything else I may help you with?

 

[Narboule]

Do you have the PDF file yourself? You can e-mail it to me. I have a yahoo.com address with the name narboule.

Thanks for all your help.

 

[fmonteiro]

PDF file sent.

Let us know any additional question you may have.