ACL outside interface permit DHCP

Unanswered Question
Dec 20th, 2007

Hello Experts,

Easy question

router fa0/0 (outside interface)- address obtained by DHCP from ISP

I need to know how I can create an acl in the outside int of the router that allows me to BLOCK all other traffic but to allow my router to continue accepting the ip address by DHCP.

Will this rule work?

ip access-l ext outside

permit tcp any int fa0/0 eq 68

permit udp any int fa0/0 eq 68

permit tcp any int fa0/0 eq 67

permit udp any int fa0/0 eq 67

int fa0/0

access-g outside in

Or should I configure something else?

Thanks for any advice.

Randall

Please help

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mvsheik123 Mon, 12/31/2007 - 11:22

Only for DHCP it works ( I have not tested though), but you might need to open for DNS also.

hth

MS

Actions

This Discussion