Cisco Support Community

Foundstone scanning T.125

We want to restrict a Foundstone scanning box to only scan certain subnets on a pair of trunked switches. I've added an extended ACL to both switches (also tried a standard ACL) restricting the Foundstone to access certain devices.

i.e.:

Extended IP access list FOUNDSTONE
    10 deny ip host host
    20 permit ip any any

Now for some reason traffic is still hitting from with the above ACL applied inbound to the links of these 2 switches back to the Core switches. How is that possible? There are no other trunks to other switches.

I performed a packet capture on host and I see the traffic making its way through (Foundstone box) is sending traffic using the T.125 protocol which I gather reading is IP.

Has anyone had this problem before with T.125/Foundstone, the traffic making its way through an ACL? How can this be possible?
