your problem is with the line ' dialer-list 1 protocol ip permit ' this is allowing any kind of traffic initiate a call , you need to make an ACL that only allows certain traffic to initiate a call . see below
access-list 101 deny ip any host 255.255.255.255 (denies broadcasts)
ccess-list 101 deny udp any any eq domain (denies DNSqueries)
access-list 101 deny udp any any ea 137 (Denies net bios)
access-list 101 deny udp any any ea 139 (denies netbios)
access-list 101 deny ip 126.96.36.199 0.0.0.255 any (denies multicast)
access-list 101 deny udp any any eq ntp (denies ntp)
access-list 101 permit ip any any log (permits all other traffic , the 'log' keword will identify the SA & DA that brings up the line in the future with port #'s , you can do additional filtering if you wish by adding to ACL 101.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...