Create Cisco ACL to block incoming RDP & SNMP.

We just recently added a new clinic/site to our practice, but I have little or no say in their infrastructure (they have separate IT staff). I've caught them a couple of times running SNMP scans and trying to RDP into our servers. I want to set up our ACL to block SNMP inbound from them and RDP. Details below:

Cisco 2851

My Network (10.0.1.0) <-> Clinic Router(12.12.12.34) <-> Clinic Network (192.239.x.x)

interface Serial0/0/0
 ip address 10.128.64.34 255.255.255.252
 ip nat outside

interface FastEthernet0/1
 ip address 12.12.12.34 255.255.255.0
 ip nat inside

ip nat pool Clinic 10.1.48.10 10.1.48.254 netmask 255.255.255.0
ip nat inside source list 110 pool Clinic

access-list 110 permit ip 12.12.12.0 0.0.0.255 10.0.1.0 0.0.0.255
access-list 110 permit icmp 12.12.12.0 0.0.0.255 10.0.1.0 0.0.0.255


Thanks for the help!

James
deathandgravity asked:
campbelc commented:
access-list 101 deny tcp your_network your_subnet_mask clinics_network clinics_subnet_mask eq 3389
access-list 101 deny udp your_network your_subnet_mask clinics_network clinics_subnet_mask eq 161

Try this.

 
campbelc commented:
Actually, in your logs do you see them coming from the 192.x.x.x address or the 12.x.x.x address?
 
deathandgravity (author) commented:
Thanks!
Question has a verified solution.
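
A fuller version of the filter discussed in this thread, added here as an example and not taken from any of the posts above. It assumes FastEthernet0/1 (12.12.12.34, `ip nat inside`) is the clinic-facing interface, reuses ACL number 101 from the answer, and matches source `any` because the thread never settles which source address the traffic carries.

```cisco
! Constructed example. ACL number 101 is reused from the answer above.
! Extended ACLs take wildcard (inverse) masks, not subnet masks:
! 0.0.0.255 covers the 10.0.1.0/24 network from the question.
! Source is "any": everything arriving on the clinic-facing interface is
! clinic-side traffic, whether it shows up as 12.12.12.x or 192.239.x.x.
access-list 101 remark Block clinic-side RDP and SNMP to 10.0.1.0/24
access-list 101 deny   tcp any 10.0.1.0 0.0.0.255 eq 3389 log
access-list 101 deny   udp any 10.0.1.0 0.0.0.255 eq 161 log
! Every ACL ends in an implicit "deny ip any any". Without this final
! permit, applying the list would drop all other clinic traffic as well.
access-list 101 permit ip any any
!
! Assumption: FastEthernet0/1 faces the clinic. An inbound ACL on the NAT
! inside interface is evaluated before translation, and "ip nat inside source"
! rewrites only the source, so the destination is still 10.0.1.0/24 here.
interface FastEthernet0/1
 ip access-group 101 in
!
! Verify after applying: the match counters on the two deny lines should
! increase when a scan or RDP attempt is made.
! show access-lists 101
```

The `log` keyword on the deny lines records the source address of each blocked attempt, which also answers the question of whether the traffic arrives from the 12.x.x.x or the 192.x.x.x range.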
