ACL outside interface permit DHCP

Unanswered Question
Dec 20th, 2007
User Badges:

Hello Experts,

Easy question

router fa0/0 (outside interface)- address obtained by DHCP from ISP

I need to know how I can create an acl in the outside int of the router that allows me to BLOCK all other traffic but to allow my router to continue accepting the ip address by DHCP.

Will this rule work?

ip access-l ext outside

permit tcp any int fa0/0 eq 68

permit udp any int fa0/0 eq 68

permit tcp any int fa0/0 eq 67

permit udp any int fa0/0 eq 67

int fa0/0

access-g outside in

Or should I configure something else?

Thanks for any advice.


Please help

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mvsheik123 Mon, 12/31/2007 - 11:22
User Badges:
  • Gold, 750 points or more

Only for DHCP it works ( I have not tested though), but you might need to open for DNS also.




This Discussion