• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 365
  • Last Modified:

Suspicious ACL in router config

I'm not very acl or router savvy so I bring this to you for an explanation.  I am looking at the ACL's in our router and see a large number of hits on one line of the acl that I don't understand.  Our public IP space is X.140.0.0/16 using  private inside addresses. This looks extremely suspicious to me.  should I be seeing this many hits on a deny statement? Should I be concerned?  If so, how do I fix this situation?

 
 20 deny ip X.140.0.0 0.0.63.255 X.140.0.0 0.0.63.255 (12311 matches)
 
0
Jelonet
Asked:
Jelonet
  • 2
  • 2
2 Solutions
 
rsivanandanCommented:
It depends on which direction the traffic is flowing through. Can you paste your configuration here (sanitized of course)

Cheers,
Rajesh
0
 
JelonetAuthor Commented:
I cant paste the config here but this acl is for internet to inside "ip access-group OUTSIDE_INSIDE in" is on the s0/0 facing ISP
0
 
rsivanandanCommented:
In that case, obviously as you can see both the source and network range belongs to you. There is only one attack that I know is of that type which is land attack.

Cheers,
Rajesh
0
 
adnanmigCommented:
Hello There,

Your ACL is blocking any traffic from and to part of your Public IP addess range.To be precise, from X.140.0.1 to X.140.63.254. Actually the destination in your case (which is the same as source) does not make sense since your are using private network addresses inside. this command can only be usefull if you have assigned that block somewhere and you dont want any connectivity with that segment from your network through the s0/0.

regards,
0
 
JelonetAuthor Commented:
Sorry I couldn't get back here until now.  I'll have to do a little more research on the ip address scheme.  Thank you for your responses.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now