Re: Cisco 877 - Stealth Port Scan
- From: roberson@xxxxxxxxxxxx (Walter Roberson)
- Date: Thu, 27 Sep 2007 19:33:01 GMT
In article <13fno66k6p8jhd0@xxxxxxxxxxxxxxxxxx>,
Peter Danes <p_danes@xxxxxxxxx> wrote:
access-list 102 permit ip any 192.168.0.0 0.0.0.255
access-list 102 deny ip any any
int dialer0
ip access-group 102 in
no ip unreachables
ip nat outside
ip inspect Internet out
ip inspect Internet in
ip virtual-reassembly
For some reason, as soon as I apply access-group 102 to the dialer0
interface, my port forwards cease to work but I am still able to open
web pages etc.
dialer0 is your outside interface, so the "in" access-group will be processed
-before- NAT is applied. Thus it must have the public destinations.
.
- References:
- Cisco 877 - Stealth Port Scan
- From: Peter Danes
- Cisco 877 - Stealth Port Scan
- Prev by Date: Re: Replacement for Aironet 350 Workgroup Bridge
- Next by Date: Re: Replacement for Aironet 350 Workgroup Bridge
- Previous by thread: Cisco 877 - Stealth Port Scan
- Index(es):
Relevant Pages
|
