Access List Denied IPs

Unanswered Question
Oct 23rd, 2008
User Badges:


The access-list applied to the Fa0 interface of my GW (AS5350) just denied a bunch of IP addresses.

110 deny udp any any eq 5060 (620 matches)

Is it possible to know which IPs were denied?

Thanks a lot.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
allan.thomas Thu, 10/23/2008 - 12:30
User Badges:
  • Blue, 1500 points or more

The only way to determine what IPs were denied is to identify what protocol is being specifically blocked, and which host will likely be using this protocol?

In this case, UDP port 5060 can be the destination port for the CallManager SIP protocol, TCP 5060 on the other hand is the default destination port for a SIP device/Trunk.

Therefore, essentially the IPs in question are using SIP, are you aware of hosts on the network which will be using SIP?

Another alternative would be to capture a sniffer trace and create a filter udp port 5060?




This Discussion