Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Secure Cisco 827 Router

Hi All

Wanted to secure my router I have set it up with the basic config as supplied by my isp. Wanted to block external telnet and icmp pings. COuld someone suggest how to do or a helpful link.

This is my running-config:

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption


hostname mrRouter


mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

ip subnet-zero

no ip domain-lookup

ip name-server x.x.x.240


bridge irb



interface Ethernet0

ip address

ip nat inside

no keepalive

hold-queue 100 out


interface ATM0

no ip address

no atm ilmi-keepalive

pvc 8/35

encapsulation aal5snap



dsl operating-mode auto

bridge-group 1

hold-queue 224 in


interface BVI1

ip address x.x.x.114

ip nat outside


ip nat inside source list 1 interface BVI1 overload

ip nat inside source static tcp 80 x.x.x.114 80 extendable

ip classless

ip route x.x.x.113

no ip http server



access-list 1 permit

bridge 1 protocol ieee

bridge 1 route ip


line con 0

exec-timeout 120 0

logging synchronous

login local

stopbits 1

line vty 0 4

exec-timeout 120 0

login local


scheduler max-task-time 5000


New Member

Re: Secure Cisco 827 Router


on global conf. mode:

access-list 101 deny tcp any x.x.x.114 eq 23

access-list 101 deny icmp any x.x.x.114 echo-request

access-list 101 permit ip any any

on the BVI1 interface:

ip access-group 101 in

link about IP access-list configuration:

CreatePlease login to create content