Access List Denied IPs

Unanswered Question
Oct 23rd, 2008

Hello,

The access-list applied to the Fa0 interface of my GW (AS5350) just denied a bunch of IP addresses.

110 deny udp any any eq 5060 (620 matches)

Is it possible to know which IPs were denied?

Thanks a lot.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
allan.thomas Thu, 10/23/2008 - 12:30

The only way to determine what IPs were denied is to identify what protocol is being specifically blocked, and which host will likely be using this protocol?

In this case, UDP port 5060 can be the destination port for the CallManager SIP protocol, TCP 5060 on the other hand is the default destination port for a SIP device/Trunk.

Therefore, essentially the IPs in question are using SIP, are you aware of hosts on the network which will be using SIP?

Another alternative would be to capture a sniffer trace and create a filter udp port 5060?

HTH

Allan.

Actions

This Discussion