Cisco Support Community
Community Member

Cisco 1720 Router, how do I block ports on this?

We have a Cisco 1720 connected to a T1 between two of our offices (point-to-point) for file sharing and all that good stuff.

The problem is that we both use the same range/class of IP addresses so Location #1 is running a DHCP server and Location #2 is configured statically for 25 hosts. We want to be able to run a DHCP server in both locations without the network accidentally picking up leases from the wrong location.

The easiest way I can think of is by blocking the DHCP ports (67/68) on the router so it won't go over the T1.

Anyone know how to do this on the Cisco 1720 router? I have no idea on how to work the internals b/c it doesn't seem to have a web-based administration.

4 REPLIES
Gold

Re: Cisco 1720 Router, how do I block ports on this?

Your router should not pass DHCP requests from one network to the other w/o the 'ip helper-address' command. DHCP is a broadcast technology; routers do not forward broadcasts by default.

Community Member

Re: Cisco 1720 Router, how do I block ports on this?

It is because we have Network Bridging enabled on the Point-to-Point, so that both networks appear as one. Which is what the original problem was in having us block the DHCP ports on the Cisco router.

Purple

Re: Cisco 1720 Router, how do I block ports on this?

Hi Daniel,

When you run bridging between interfaces, you cannot apply layer 3 (or, in your case, layer 4) access-lists to filter out traffic, since the router switches based on the MAC addresses and does not look beyond that.

You can, however, filter based on the MAC address, but this will filter all traffic to/from the server. If that is what you want, let us know ...

Hope that helps - pls rate the post if it does.

Regards,

Paresh

Gold

Re: Cisco 1720 Router, how do I block ports on this?

Why not just use one DHCP server? Or put a DHCP server in each location, w/ different ranges of addresses (but still in the same subnet).

Is there a reason your point-to-point is configured in bridging mode?
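
The split-scope suggestion in the last reply (a DHCP server in each location with different ranges in the same subnet) only holds up if the two pools are disjoint and avoid the 25 statically configured hosts. The following is an added example, not part of the thread: a Python check of such a plan, where the subnet, pool ranges and static addresses are all constructed sample values.

```python
import ipaddress

def expand(first, last):
    """Return the set of addresses in the inclusive range first..last."""
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
    if lo > hi:
        raise ValueError(f"range {first}-{last} is reversed")
    return {ipaddress.ip_address(i) for i in range(int(lo), int(hi) + 1)}

def check_split_scope(subnet, pools, statics):
    """Return a list of problems; an empty list means the plan is consistent."""
    net = ipaddress.ip_network(subnet)
    reserved = {net.network_address, net.broadcast_address}
    static_set = {ipaddress.ip_address(s) for s in statics}
    owner = {}      # address -> first pool that claimed it
    problems = []
    for name, (first, last) in pools.items():
        addrs = expand(first, last)
        # Leases outside the shared subnet (or on its network/broadcast
        # address) are unusable on the bridged segment.
        unusable = [a for a in addrs if a not in net or a in reserved]
        if unusable:
            problems.append(f"{name}: {len(unusable)} address(es) unusable in {net}")
        # A lease that matches a static host produces a duplicate IP.
        for a in sorted(addrs & static_set):
            problems.append(f"{name}: {a} is a static host")
        # Two servers offering the same address can both lease it.
        clash = sorted(a for a in addrs if a in owner)
        if clash:
            problems.append(
                f"{name}: overlaps {owner[clash[0]]} at {clash[0]}-{clash[-1]}")
        for a in addrs:
            owner.setdefault(a, name)
    return problems

# Constructed sample plan: one /24 bridged across the T1, 25 static hosts.
SUBNET = "192.168.1.0/24"
STATICS = [f"192.168.1.{n}" for n in range(10, 35)]
GOOD = {"location1": ("192.168.1.50", "192.168.1.119"),
        "location2": ("192.168.1.120", "192.168.1.189")}
BAD = {"location1": ("192.168.1.50", "192.168.1.119"),
       "location2": ("192.168.1.30", "192.168.1.119")}

if __name__ == "__main__":
    for label, plan in (("good", GOOD), ("bad", BAD)):
        issues = check_split_scope(SUBNET, plan, STATICS)
        print(label, "->", issues or "no conflicts")
```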
