Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Bogons list on internet router

I need to apply bogons list on my internet facing router in my organisation . suggest me were i need to apply this bogons list , whether to the interface which holding teleco circuit . for eg

interface faE 0/0

ip address 202.88.X.X 255.255.255.252

ip access group bogon_list in

else on my inside interface which is holding my Lan segment for Vpn server , webserver etc .

interface faE0/1

ip address 202.88.X.X 255.255.255.240

ip access group bogon_list in

if not i can apply on my inside interface on out side direction

ip access grop bogon_list out .

which is the better way suggest me . where to apply this . how this will prevent from outside access

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Bogons list on internet router

Applying the bogon on the inbound of the outside (Telco) will allow you to protect your Internet facing router also. If you apply the bogon on inside interface, your Internet router will not be protected. (I've edited my previous post after posting)

You should put permit ip any any after the bogon to allow all other traffic.

Regards,

jerry

3 REPLIES
Cisco Employee

Re: Bogons list on internet router

The bogon access list should be applied on the inbound of the outside interface (Telco circuit). This will allow you to protect your Internet facing router also. If you apply the bogon on inside interface, your Internet router will not be protected.

HTH,

jerry

Re: Bogons list on internet router

Hi jerry

whether i can apply to outbound direction of inside interface ( Lan segment ) .

applying to inbound direction on outside interface ( Teleco circuit ) or to outbound direction of inside interface ( Lan segment ) meaning of the both is same or different , kindly clarify me on this plz . Thank you .

below to the bogons list whether i can apply permit ip any any statement to allow other ip traffic to permit inside to my lan segment

Cisco Employee

Re: Bogons list on internet router

Applying the bogon on the inbound of the outside (Telco) will allow you to protect your Internet facing router also. If you apply the bogon on inside interface, your Internet router will not be protected. (I've edited my previous post after posting)

You should put permit ip any any after the bogon to allow all other traffic.

Regards,

jerry

467
Views
0
Helpful
3
Replies
CreatePlease to create content