Cisco Support Community
New Member

Block Ports

Dear Friends,

Can anybody let me know how to block ports on any operating system? Right now I want to block certain ports on my systems within our LAN. Can any port-blocking software be of help to me, or should it be done at the router level? If at the router level, please let me know the config part of it.

Say I want to block HTTP, FTP, Telnet and some standard ports.

Also, please let me know the command for blocking the finger port on my router.



New Member

Re: Block Ports


You can configure access lists in the router. Try that out.


Re: Block Ports

I believe a firewall is what you need.

You can also perform filtering functions on a router, but this will require some amount of CPU resources. But if you have enough CPU resources on your router, you can configure the access-lists (or ACLs).

There are steps and rules to consider in using ACLs, and the following link should help:

To define specific protocols and ports, you'll be needing Extended ACLs. A typical example looks like:

interface Ethernet0
 ip address ******
 ip access-group 100 in
access-list 100 permit tcp eq www
access-list 100 permit tcp eq smtp

Lastly, "finger" uses port number 79 both for TCP and UDP.


New Member

Re: Block Ports

Thanks, Ganesh, for the response. I tried filtering through an access list only, but I faced the problem below. Please let me know how to overcome this.

We have 3 subnets in our office, configured as secondary interfaces on the router. Our servers are spread across these 3 subnets. Say I block a port on a server sitting in Subnet A through an access list and run a port scan from any node on Subnet A: the port is not blocked, as the router will not come into the picture for communication between systems on the same subnet. Whereas if I scan a server in Subnet B, it shows the port blocked, as I must go through the router to access the secondary subnet and it gets filtered by the access list.

Request a solution for this problem.


Re: Block Ports

On Windows 2000, for blocking ports, you can use the built-in TCP/IP filtering.

Open the TCP/IP Properties of Local Area Connection, go to Advanced > Options > TCP/IP filtering. Here you can allow or deny the ports you need.

And if you need to disable finger services on the router, use the command

no ip finger.
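The same-subnet behaviour described earlier in the thread, modelled as an added example that is not part of any poster's reply: a first-match ACL with its implicit deny, evaluated only when a packet actually crosses the router. The three /26 subnets, the host addresses and the ACL contents are constructed for illustration.

```python
import ipaddress

# Constructed addressing: three subnets sharing one router interface
# (one primary plus two secondary addresses).
SUBNETS = [ipaddress.ip_network(n)
           for n in ("192.0.2.0/26", "192.0.2.64/26", "192.0.2.128/26")]

# Simplified extended-ACL model: (action, protocol, destination port).
# A port of None means "any port"; protocol "ip" matches tcp and udp.
ACL_100 = [
    ("deny", "tcp", 80),     # www
    ("deny", "tcp", 21),     # ftp
    ("deny", "tcp", 23),     # telnet
    ("deny", "tcp", 79),     # finger over TCP
    ("deny", "udp", 79),     # finger over UDP
    ("permit", "ip", None),  # without this line the implicit deny drops the rest
]

def subnet_of(addr):
    """Return the configured subnet containing addr, or None."""
    ip = ipaddress.ip_address(addr)
    for net in SUBNETS:
        if ip in net:
            return net
    return None

def acl_action(acl, proto, dport):
    """First matching entry wins; no match falls through to the implicit deny."""
    for action, entry_proto, entry_port in acl:
        if entry_proto in (proto, "ip") and entry_port in (None, dport):
            return action
    return "deny"

def reachable(src, dst, proto, dport, acl=ACL_100):
    """Return (verdict, reason) for a packet sent from src to dst."""
    src_net = subnet_of(src)
    if src_net is not None and src_net == subnet_of(dst):
        # Hosts on one subnet talk directly at layer 2; the router and its
        # ACL never see the packet, so only host-level filtering can block it.
        return ("permit", "same subnet, router ACL not evaluated")
    return (acl_action(acl, proto, dport), "routed, ACL evaluated")

if __name__ == "__main__":
    print(reachable("192.0.2.10", "192.0.2.20", "tcp", 23))  # scan inside Subnet A
    print(reachable("192.0.2.10", "192.0.2.70", "tcp", 23))  # scan from A into B
```

Ports that must be closed to neighbours on the same subnet need filtering on the host itself or a layer-2 control, since the router ACL is never consulted for that traffic.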

