Cisco 2500 Filter traffic by tcp port#

I have a cisco 2500 that I would like to enable packet filtering on I am looking to block inbound TCP port 139 (NetBios) and outbound 1027 (unknown service possible hacker activity) 200 points to anyone who can show me 1) if IOS on a 2500 can filter the packets. 2) how to make the config changes.
LVL 1
NFUNKAsked:
Who is Participating?
 
dsernaConnect With a Mentor Commented:
The IOS on the 2500 does come with traffic filtering (access-lists) so here is what you want to do,first you have to create an access-list like this:

router>enable
#conf t
router(config)#access-list 101 deny tcp any any eq  Netbios
router(config)#access-list 101 permit tcp any any
router(config)#access-list 102 deny tcp any any eq 1027
router(config)#access-list 102 permit tcp any any
router(config)#interface Ethernet0
router(config-if)#ip access-group 101 in
router(config-if)#<ctrl><z>
router#conf t
router(config)#interface Ethernet1
router(config-if)#ip access-group 102 out
router(config-if)#<ctrl><z>
router#copy run start

So the above is an example of how to create access-lists to suit you need. The creation of extended access-list 101 is block tcp netbios traffic and to let all other tcp traffic through. If you don't put the permit tcp any any after the first access-list statement, there is an implicit deny all which will block all tcp traffic(not good). So that is why you need the second access-list line. The second access-list 102 is to not let any traffic from tcp port 1027 leave your network. I assumed that  you have at least two interfaces on your router? One outbound and one inbound? Thus in my example, I assume that Ethernet0 is your inbound interface,(that's why I applied access-group 101 in on that interface). Ethernet1 inmy example is the outbound interface and that is why I placed access-group 102 out on that interface.

Hope that helps.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.