12-18-2007 12:11 PM - edited 02-20-2020 09:39 PM
Hi,
I configured a few voice routers that are directly exposed on the Internet. They have access-lists that deny all the SIP and H.323 traffic. When I scan the router, for example with nmap (SYN scan), I get a message that the port is open (administratively filtered). I just want to deny any responses on those ports like the and hide my router at all. Is there a way to do that?
Thank you in advance.
Regards,
Zdravkov
12-18-2007 03:44 PM
You need to use the --packet-trace option of nmap to see what, if anything, is actually being returned by the router. By default, I believe Cisco routers will reply with a helpful ICMP message. You can filter outbound ICMP using an ACL. You may be able to selectively disable certain ICMP types via a more global setting too. Post this question to the firewall group with your router model and IOS version and you're sure to get a good response.
12-18-2007 11:58 PM
Thank you very much. If I don't find any better ideas I'm going to filter the outgoing ICMPs.
Regards
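
An added configuration sketch for the approach discussed in this thread (not posted by either participant): on IOS, a packet dropped by an ACL `deny` entry normally triggers an ICMP "administratively prohibited" unreachable (type 3, code 13) from the router, and `no ip unreachables` on the interface suppresses it. The interface name and ACL name are placeholders, and the ports shown are the standard SIP (5060) and H.323 call signaling (1720) ports, assumed here.

```cisco
! Constructed example: INTERNET-IN and GigabitEthernet0/0 are placeholder names.
ip access-list extended INTERNET-IN
 remark Drop voice signaling arriving from the Internet
 deny   tcp any any eq 1720
 deny   tcp any any eq 5060
 deny   udp any any eq 5060
 remark ... remainder of the existing inbound policy goes here ...
!
interface GigabitEthernet0/0
 description Internet-facing interface (placeholder)
 ip access-group INTERNET-IN in
 ! Weak default: "ip unreachables" is enabled, so each ACL drop is answered
 ! with ICMP type 3 code 13, which confirms that a filtering device is present.
 ! Hardened: stop generating ICMP unreachables on this interface.
 ! Caveat: this also suppresses "fragmentation needed" (type 3 code 4)
 ! messages from this interface, which path MTU discovery relies on.
 no ip unreachables
!
! Global setting for interfaces where unreachables stay enabled:
! send at most one ICMP unreachable per 1000 ms.
ip icmp rate-limit unreachable 1000
```

Re-running the scan with `--packet-trace`, as suggested in the reply above, shows whether any ICMP reply still comes back for the denied ports.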