I have the same problems as you guys..
Could anybody clarify which exact port we need to open ?
I have the following firewall configuration:
interface Dialer1 (outbound interface)
ip address negotiated
ip access-group 102 in
ip access-group 101 out
..
access-list 101 deny ip any 10.0.0.0 0.255.255.255
access-list 101 deny ip any 172.16.0.0 0.15.255.255
access-list 101 deny ip any 192.168.0.0 0.0.255.255
access-list 101 permit ip any any
access-list 102 deny ip 10.0.0.0 0.255.255.255 any
access-list 102 deny ip 172.16.0.0 0.15.255.255 any
access-list 102 deny ip 192.168.0.0 0.0.255.255 any
access-list 102 permit icmp any any time-exceeded
access-list 102 permit icmp any any packet-too-big
access-list 102 permit icmp any any traceroute
access-list 102 permit icmp any any unreachable
access-list 102 permit icmp any any echo
access-list 102 permit udp any any eq 6100
access-list 102 permit udp any any eq 5000
access-list 102 permit udp any any eq 4254 (My Ventrilo Server working on this port)
access-list 102 deny ip any any
Is it correct ?
Any suggestions ?
|