Posted by: admin (May 29)
Filter on our cisco router ports right to protect our servers is an essential duty. In the example below how to filter the only port ssh:
- at the console enter the command:
- enable
- Then enter the password.
- hours to give a look to the configuration in use with the command:
- show running-config
- Take vision of the interfaces that you want to filter (in our example will be a serial)
- hours enter the command:
- config ends
- Following the commands needed to make an access list named minimal but functional 101:
- access-list 101 permit tcp any any established
- access-list 101 deny tcp 212.69.128.0 0.0.0.255 any eq 22 log
- access-list 101 permit ip any any
- our access list that is pretty ready. now we must go to our interface:
- interface serial1/1.1
- and then activate the access list you want with the following command:
- ip access-group 101 in
- voila, you're done, given that if something goes wrong you will go over even a package, you can always restart the router. If everything smoothly row then you have to do is give the commands:
- write
- ctrl + z
- prorpio and if you want before you leave, you can look at the statistics the access list:
- show access-list
To get to this extreme synthesis we must pass through broader horizons, at this link you can find the know-how from which I fed to cisco router to filter at least part of what it should.
0 Comments