Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
259
Views
0
Helpful
2
Replies

Debug IP and seeing packet type

maurice.walsh
Level 1
Level 1

‎04-30-2002 07:40 AM - edited ‎03-01-2019 09:33 PM

Hi All,

I've got a problem where an 801 is connecting via Isdn way too often to the Internet, I want to set up access lists to prevent the Isdn line opening for up wanted packets.

I'm using debug ip packet to look at info going out, but this isn't showing me the packet type i.e. ftp, DNS etc.

Is there someway I can see the packet type, this way I can build up a good access list.

Regards

Maurice Walsh

Labels:
0 Helpful
2 Replies 2

mljohnson
Level 4
Level 4

‎04-30-2002 08:39 AM

You should use "debug dialer" and "debug ip packet detail"; you can also use an access-list with the IP debug, if you want, to limit the amount of debug generated. You should disable FS on the ISDN interface.

In general, you should determine in advance what you want to be interesting (for dialing and idle timer resets), and configure your access-lists accordingly.

0 Helpful

ali-franks
Level 1
Level 1
In response to mljohnson

‎05-01-2002 07:46 AM

Hi Maurice,

You may also want to block UDP ports 137,138 &139 inbound on E0 with an ACL. These broadcasts tend to bring up the line when both servers and clients put out NetBIOS requests.

Ali

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents