Access list to Block ports

Answered Question
Apr 27th, 2007
User Badges:

Hi ,

I have congfired a access-list on my Internet router 3845 as attached to block ports 1720 & 5060 , but when i apply it on the intended interface the BGP state goes down.Is my configuration correct ? Also suggest .






Attachment: 
Correct Answer by mohammedmahmoud about 10 years 1 month ago

Hi there,


BGP uses TCP port 179, accordingly you must permit it on your access-list, and don't forget the access-list has an implicit deny in the end, so you should add permit ip any any at the end of your ACL after denying what you want to deny to permit the rest of the traffic.


HTH, please rate if it does help,

Mohammed Mahmoud.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
mohammedmahmoud Fri, 04/27/2007 - 04:25
User Badges:
  • Green, 3000 points or more

Hi there,


BGP uses TCP port 179, accordingly you must permit it on your access-list, and don't forget the access-list has an implicit deny in the end, so you should add permit ip any any at the end of your ACL after denying what you want to deny to permit the rest of the traffic.


HTH, please rate if it does help,

Mohammed Mahmoud.

royalblues Fri, 04/27/2007 - 04:33
User Badges:
  • Green, 3000 points or more

Your access-list does not carry any permit statemets.

include access-list 102 permit ip any any and check


HTH,

Narayan

Actions

This Discussion