Have other people had success with the 1434 tcp/udp acl lists? I don't seem to be getting a comfortable block either with inbound or outbound and have tried applying to both main interface and subinterfaces. Though I am picking up the offending ip's in my logs, traffic is still way above average for a Sunday....
I know a few people who are blocking it fine that way and I'm blocking it here at home but my hits are no where what they are seeing.
How is your access-list defined and applied? Is it on your edge/internet routers? Perhaps some machines are infected in your network already and this is where the traffic is coming from you are seeing.
If you do 'show access-list' on the router you should hits on the deny 1434 statement.
This is what seems to be working best, some interfaces are still passing more traffic than I would like to see. I have tried to apply "out" on wan links that seem to be more saturated than usual (possibly indicating site infection) but this only seems to make the router sluggish
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...