Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
381
Views
4
Helpful
2
Replies

Changing returned message from router when using ACL

z.zdravkov
Level 1
Level 1

‎12-18-2007 12:11 PM - edited ‎02-20-2020 09:39 PM

Hi,

I configured a few voice routers that are directly exposed on Internet. They have access-lists that denies all the sip and h.323 traffic. When I'm scanning the router for example with nmap (syn scan) I get message that the port is open (administratively filtered). I just want to deny any responses on that ports like the and hide my router at all. Is there a way to do that?

Thank you in advance.

Regards,

Zdravkov

Labels:
0 Helpful
2 Replies 2

mhellman
Level 7
Level 7

‎12-18-2007 03:44 PM

you need to use the --packet-trace option of nmap to see what, if anything, is actually being returned by the router. By default, I believe Cisco routers will reply with a helpful ICMP message. You can filter outbound ICMP using an ACL. You may be able to selectively disable certain ICMP types via a more global setting too. Post this question to the firewall group with your router model and IOS version and you're sure to get a good response.

z.zdravkov
Level 1
Level 1
In response to mhellman

‎12-18-2007 11:58 PM

Thank you very much. If I don't find any better ideias I'm going to filter the outgoing icmps.

Regards

0 Helpful
Customers Also Viewed These Support Documents