Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Does blocking ip blocks tcp, udp and icmp?

I am trying to block access to all messenger from within our network and I have the following questions:

1. Can I block using names of servers for eg login.osacar.aol.com

2.If I block ip traffic , I am sure to block tcp, udp adn icmp. Please confirm

3. Applying access lists to inside interface is enough or should I consider applying them on the outside as well.

Finally are these enough :

for msn

access-list acl_in deny ip any any eq 1863

access-list acl_in deny ip any 64.4.13.0 255.255.255.0

for aol

access-list acl_in deny ip any any eq 5190

and all IP's resolving to IP host login.oscar.aol.com. which I find by doing netstat

for yahoo

block IP's found by doing netstat for cs.yahoo.com, sca.yahoo.com, msg.edit.yahoo.com

1 REPLY
Silver

Re: Does blocking ip blocks tcp, udp and icmp?

ip any any eq 1863 won't work - the ip protocol has no concept of port numbers. ICMP does not either - only tcp and udp have port numbers.

290
Views
0
Helpful
1
Replies
CreatePlease to create content