[wplug] OT - Some simple Cisco ACL Help
scoob8000
scoob8000 at gmail.com
Fri Dec 5 10:18:53 EST 2008
Messing around with Cisco ACLs, we want to block certain types of
traffic from the outside in.

In this example I want to block everything except SNMP.
We're applying this access list to a vlan in the in direction.

access-list 101 permit udp any any eq snmp
access-list 101 permit udp any any eq snmptrap
access-list 101 deny ip any any log

With this setup SNMP does not work; in the log we see the source ports
for SNMP are getting blocked.

The problem is those source ports are dynamic. Are we looking at
this backwards or something here?

Thanks
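
An added illustration, not part of the original post: in an IOS extended ACL entry, a port operator written after the second address matches the destination port, and one written after the first address matches the source port. The Python sketch below evaluates the three posted lines first-match against constructed packets; the parser subset, the packets and the VARIANT_ACL entry are assumptions made for the example.

```python
# Added illustration: first-match evaluation of the ACL lines from the post.
PORTS = {"snmp": 161, "snmptrap": 162}  # IOS port keywords used in the post

def parse_ace(line):
    """Parse 'access-list N action proto any [eq P] any [eq P] [log]'.
    Only 'any' addresses and the 'eq' operator are handled in this sketch."""
    tok = [t for t in line.split()[2:] if t != "log"]
    action, proto, rest = tok[0], tok[1], tok[2:]
    ports, i = [], 0
    for _ in ("source", "destination"):
        if rest[i] != "any":
            raise ValueError("only 'any' addresses supported: " + line)
        i += 1
        if i < len(rest) and rest[i] == "eq":
            ports.append(PORTS.get(rest[i + 1]) or int(rest[i + 1]))
            i += 2
        else:
            ports.append(None)  # no port operator: any port matches
    return action, proto, ports[0], ports[1]

def evaluate(acl_lines, pkt):
    """Return the action of the first matching entry (implicit deny at end)."""
    for line in acl_lines:
        action, proto, sport, dport = parse_ace(line)
        if proto not in ("ip", pkt["proto"]):
            continue
        if sport is not None and sport != pkt["sport"]:
            continue
        if dport is not None and dport != pkt["dport"]:
            continue
        return action
    return "deny"

POSTED_ACL = [
    "access-list 101 permit udp any any eq snmp",
    "access-list 101 permit udp any any eq snmptrap",
    "access-list 101 deny ip any any log",
]
# Variant with a source-port match placed ahead of the deny (assumption).
VARIANT_ACL = ["access-list 101 permit udp any eq snmp any"] + POSTED_ACL

# Constructed packets; 49152 stands in for a dynamic port.
REQUEST = {"proto": "udp", "sport": 49152, "dport": 161}
REPLY = {"proto": "udp", "sport": 161, "dport": 49152}

if __name__ == "__main__":
    for name, pkt in (("request", REQUEST), ("reply", REPLY)):
        print(name, evaluate(POSTED_ACL, pkt), evaluate(VARIANT_ACL, pkt))
```

An entry that matches only on source port 161 admits any UDP datagram sent from that port, so in practice the `any` address fields would be narrowed to the known SNMP managers and agents.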