2017年5月18日 星期四

Cisco Switch Block 445 Port

1.透過Vlan

ACL
ip access-list extended deny445
permit tcp any any eq 445
permit udp any any eq 445

VLAN Map
vlan access-map deny445 10
 match ip address deny445
 action drop
vlan access-map deny445 20
action forward

Applying VLAN Map to VLAN

vlan filter deny445 vlan-list  “Vlan ID” 


2.透過port

ip access-list extended deny445
deny   tcp any any eq 445
deny   udp any any eq 445
permit ip any any

int r f0/1 – X or Gi1/0/1 - X
ip access-group deny445 in



沒有留言:

張貼留言