Cisco Support Community
New Member

Can you help, access list to restrict http

Hi

I need to apply an access list to restrict http traffic to a specific vlan and allow only Terminal service access and VNC. I have little or no experience, HELP!

1 REPLY
Cisco Employee

Re: Can you help, access list to restrict http

By default Terminal Server and Windows 2000 Terminal Services use TCP port 3389 for client connections.

VNC uses default ports of TCP 5800 and 5900. It supports the virtual screen number concept of X Windows, which means these ports apply to screen #0. Screen #1 would be at ports 5801 and 5901.

So as for your requirement, permit the above specific ports and any others that you may need in the acl and deny everything else.

OR

Explicitly deny port 80 and allow everything else which will include the above ports. More info on ACLs on the below url.

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml

Thanks,

yatin
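
Added example, not part of the original thread: a small first-match ACL evaluator that runs the two strategies from the reply against the same flows, so the difference in what each one lets through is visible. The `any any` address scope, the ACL texts and the sample flows are constructed for illustration; the entries use the usual IOS extended-ACL form and assume the implicit deny that ends every Cisco ACL.

```python
# Added example: compare the two ACL strategies described in the reply.
# ACL texts and flows below are constructed samples, not taken from a real device.

# Strategy 1: permit only Terminal Services and VNC screen #0, deny the rest.
ALLOWLIST = """\
permit tcp any any eq 3389
permit tcp any any eq 5800
permit tcp any any eq 5900
"""

# Strategy 2: deny port 80 explicitly and permit everything else.
DENY_HTTP = """\
deny tcp any any eq 80
permit ip any any
"""

def parse(acl_text):
    """Turn 'action proto any any [eq port]' lines into (action, proto, port) rules."""
    rules = []
    for line in acl_text.splitlines():
        tok = line.split()
        if not tok:
            continue
        port = int(tok[5]) if len(tok) == 6 and tok[4] == "eq" else None
        rules.append((tok[0], tok[1], port))
    return rules

def evaluate(rules, proto, dport):
    """Return the first matching rule's action; unmatched traffic hits the implicit deny."""
    for action, rproto, rport in rules:
        if rproto in ("ip", proto) and rport in (None, dport):
            return action
    return "deny"

# Constructed flows: RDP, VNC screen #0, HTTP, HTTP on an alternate port,
# HTTPS, and VNC screen #1 (5901), which the screen #0 entries do not cover.
FLOWS = [("tcp", 3389), ("tcp", 5900), ("tcp", 80),
         ("tcp", 8080), ("tcp", 443), ("tcp", 5901)]

def compare():
    """Map each flow to (allowlist verdict, deny-80-only verdict)."""
    allow, deny80 = parse(ALLOWLIST), parse(DENY_HTTP)
    return {f: (evaluate(allow, *f), evaluate(deny80, *f)) for f in FLOWS}

if __name__ == "__main__":
    for (proto, port), (a, d) in compare().items():
        print(f"{proto}/{port:<5} allowlist={a:<6} deny-80-only={d}")
```

Both lists block TCP 80 and pass 3389 and 5900, but only the first also blocks web traffic on other ports such as 8080 or 443; it in turn needs extra entries (5801, 5901, ...) for each additional VNC screen in use.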
