Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Debug IP and seeing packet type

Hi All,

I've got a problem where an 801 is connecting via Isdn way too often to the Internet, I want to set up access lists to prevent the Isdn line opening for up wanted packets.

I'm using debug ip packet to look at info going out, but this isn't showing me the packet type i.e. ftp, DNS etc.

Is there someway I can see the packet type, this way I can build up a good access list.

Regards

Maurice Walsh

  • Other Network Infrastructure Subjects
2 REPLIES
Bronze

Re: Debug IP and seeing packet type

You should use "debug dialer" and "debug ip packet detail"; you can also use an access-list with the IP debug, if you want, to limit the amount of debug generated. You should disable FS on the ISDN interface.

In general, you should determine in advance what you want to be interesting (for dialing and idle timer resets), and configure your access-lists accordingly.

New Member

Re: Debug IP and seeing packet type

Hi Maurice,

You may also want to block UDP ports 137,138 &139 inbound on E0 with an ACL. These broadcasts tend to bring up the line when both servers and clients put out NetBIOS requests.

Ali

87
Views
0
Helpful
2
Replies