dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2
share rss forum feed


tomkb
Premium
join:2000-11-15
Tampa, FL
kudos:5
Reviews:
·Verizon FiOS
reply to Angralitux

Re: Router ACL question

Thanks for your help.

I added the following:

ip inspect name myfw udp timeout 15
ip inspect name myfw tcp timeout 3600

and then removed the 'permit any any' from the acl.

Web browsing works, but my sip phone on my desk does not.

I entered the following but still no luck.

ip inspect name myfw sip timeout 3600
ip inspect name myfw sip-tls timeout 3600

Appreciate any help.



tomkb
Premium
join:2000-11-15
Tampa, FL
kudos:5

disregard, I got the sip phone to work.



Angralitux

join:2004-05-20
DO

1 edit
reply to tomkb

glad to see you got it working! as you may know, it is a good practice to explicit deny everything after all your "permits" on the inbound access list. What I meant, in plain english is to put:

access-list 101 deny ip any any
 

Exactly on place you had:
access-list 101 permit ip any any
 

**edit was to further clarify**
--
All Is possible...