Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

H.323 Vlunerability


As per Cisco advisory, PAT is not affected with the above vulnerability. But I would like to be sure with my setup.

I have a PAT for local LAN( for internet access and the public IP address I use for PAT is a is not the actual


I am not using FWshield, but I am using a ACL which allows all traffic to 1.1.1

int s0/0

ip access-group 199 in

access-group 199 permit ip any host

Since the ACL is allowing any traffic to come in(including 1720 bogus traffic,) does this setup affect the above vulnerability .

Thanks in advance.

Cisco Employee

Re: H.323 Vlunerability

I would say, you should start using some firewall features. But using a PAT is also sort of disallowing incoming connections. So you shouldnt be affected

New Member

Re: H.323 Vlunerability

With respect to the same topic & ACL applied in my previous email, how secure is my internal hosts which are PATed and the inbound ACL is allowing full access to the public IP which is being used for PATing.

Thanks for the kind reply.

CreatePlease login to create content