How to block port probes on 1605? 1

[CaffieneNnicotine]

Pretty straight forward question. Frame relay is up and functioning. I have serial0.1 with ip address 216.98.xxx.xxx. And Ethernet0 with 192.168.0.0 subnet. How would I go about blocking port probes and the such. The only thing I want to let in my serial0 is

http://www port

80 traffic due to a future web server. Thanks very much for you help.

All Complaints Will Be Routed To /dev/null

 

[sobak]

ACL is the best way to go......

1. Nat 192.168.0.0 through router
2. Setup ACL...
access-list 100 permit any host 192.168.0.? eq www
access-list 100 deny ip any any
access-list 100 deny icmp any any
3. Apply access list 100 to the routers S0.1 interface

The last two lines in the ACL are probably not needed but I use them anyway so I know where the others are being blocked. At the end of any ACL there is an implicit deny so you can get away with the last two if you want to.

This is down and dirty, if you need a further explanation let me know.

david e
*end users are just like computers, some you can work with...others just need a simple reBOOTing to fix their problems.*

 

[CaffieneNnicotine]

Thanks alot! You're the greatest! All Complaints Will Be Routed To /dev/null