<div>
That is part of the TCP/IP mode of operation - If the requested service in unavailable a TCP RESET will be sent to the source in response to the SYN <br />
<br />
Try using local-policy routing to send this type of traffic to null0: (drop packet)
</div>


That is part of the TCP/IP mode of operation - If the requested service in unavailable a TCP RESET will be sent to the source in response to the SYN

Try using local-policy routing to send this type of traffic to null0: (drop packet)

<div>
I did the command:<br />
<br />
# ip local policy route-map null0<br />
<br />
Still same result
</div>


I did the command:

# ip local policy route-map null0

Still same result

<div>
Works like a charm, thanks !
</div>


<div>
<div class="content wysiwyg-content">
Hi!<br />
<br />
I have a cisco 1760 router which has port forwarding for ports 25, 80 and 443 for my web services. So if, let's say, I want to open a connection on port 21 of the router, it should not be allowed. The router sends a &quot;connection refused&quot; packet.<br />
<br />
What I want to do, is reproduce the DROP behavior of iptables. If I open a connection on port 21, the router should not respond at all and drop the packet.<br />
<br />
How can I achieve that?<br />
<br />
interface FastEthernet0/0<br />
ip address x.x.x.89 255.255.255.0<br />
no ip unreachables<br />
ip nat outside<br />
ip virtual-reassembly<br />
speed auto<br />
full-duplex<br />
!
</div>
</div>


Hi!

I have a cisco 1760 router which has port forwarding for ports 25, 80 and 443 for my web services. So if, let's say, I want to open a connection on port 21 of the router, it should not be allowed. The router sends a "connection refused" packet.

What I want to do, is reproduce the DROP behavior of iptables. If I open a connection on port 21, the router should not respond at all and drop the packet.

How can I achieve that?

interface FastEthernet0/0
ip address x.x.x.89 255.255.255.0
no ip unreachables
ip nat outside
ip virtual-reassembly
speed auto
full-duplex
!

Dropping unsollicited connections

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Routers

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Software Firewalls

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.