Linksys Wireless Router :: E2500 Block Outbound And Inbound Traffic On TCP 5222 / 5223
Oct 23, 2012
I am trying to block outbound and inbound traffic on TCP 5222 and 5223 on E2500 but cannot figure out how. The reason is I have kids in my house using KiK (texting app) on iPads, iPods etc. My goal is to eliminate this applications ability to function for ANY wireless device connected to my WLAN.
View 1 Replies
ADVERTISEMENT
Dec 6, 2012
I have two ISP, I want to divide Inbound to ISP1 and Outbound to ISP2.
View 3 Replies
View Related
Oct 5, 2011
How to configure the 825 to block inbound traffic from a specific internet IP address ?i noticed an IP and MAC that i don't recognize that is listed as a connection to my NAS's media server ...i blocked it in the NAS configuration page, but i don't want any unsolicited traffic into my network.
View 3 Replies
View Related
Apr 6, 2013
I have a working L2L between two locations. Location A and Location B.
Location A: 172.16.16.0/24
Location B: 192.168.0.0/24
I would like to block anything inbound to Location A from Location B that isn't initiated from Location A. The block should be done on the ASA5505 at Location A. Location B uses an ISR G2 router. i.e. Location A can start an SSH session to a server in Location B Location B cannot start an SSH session to a server in Location. .
I tried using a VPN filter on the ASA5505 but it isn't stateful, I cannot pass any traffic when using it.
Config on my ASA:
access-list vpn-traffic extended permit ip 172.16.16.0 255.255.255.0 192.168.0.0 255.255.255.0
access-list block-vpn-to-local extended deny ip 192.168.0.0 255.255.255.0 172.16.16.0
[Code]....
I also have an AnyConnect VPN setup for the ASA5505 and it is running 8.2(5).
View 4 Replies
View Related
Mar 12, 2013
I have an E2500 wireless router and I am trying to block some incoming IP addresses. I'm trying to prevent a certain ISP from throttling my access on certain websites. I can do it on individual computers but we have a bunch of devices on this network
View 1 Replies
View Related
Feb 24, 2012
Is there a way to block a range of IP addresses in the E2500? Like parental controls but with IP addresses instead of URL..
View 2 Replies
View Related
May 10, 2012
I have an E2500 configured inside my network. It is configured to give wireless PCs (This subnet is connected to a Lan port with 10.30.0.0 address) another subnet than wired PCs (this subnet is connected to Wan port 192.168.0.0). Since i configured i can access from wireless PCs to servers and PCs in the wired subnet but cannot access from wired computers from to wireless PCs. I suppouse it is because traffic is restricted from Wan to Lan.
View 5 Replies
View Related
Feb 12, 2010
BEFSX41 V2.1
Firmware: 1.52.16
The manual states how to create an inbound traffic policy but if you follow the directions there is no place to select inbound traffic.From the manual: To Create an Inbound Traffic Policy1. Enter a Policy Name in the field provided. SelectInbound Traffic as the Policy Type.2. Enter the IP Address from which you want to block.Select the Protocol: TCP, UDP, or Both. Enter the portnumber or select Any. Enter the IP Address to whichyou want to block.3. Select Deny or Allow as appropriate.4. By selecting the appropriate setting next to Days andTime, choose when the Inbound Traffic will be filtered.5. Lastly, click the Save Settings button to activate thepolicy.When finished making your changes on this tab, click theSave Settings button to save these changes, or click theCancel Changes button to undo your changes.I want to filter out a range of ip addresses from trying to connect to my network.
View 3 Replies
View Related
Mar 10, 2013
I have an E2500 router, running the latest firmware 1.0.7.
Where or how can i see which is the machine (mac or ip) that is doing more traffic, in fact i would like to see what computers are doing how much traffic.
This is a default on most routers, its so weird to not been able to find this on a Cisco product.
View 1 Replies
View Related
Jul 6, 2011
My home web hosting used to work. But because of changing ISP from Verizon to TWC, TWC gave me a modem-router and I bought my own Linksys E2500 router. Both Verizon and TWC services I subscribed are Dynamic IP. I use a third party to redirect the web traffic to my home.TWC gave me a simple modem-router in a box. Input is coax and outputs are 4 ethernet ports. I use one of the 4 ethernet outputs of the TWC box to connect to the internet ethernet input port of the E2500. All my wire and wireless devices are now feeding off the E2500. All wireless and wired devices work and can browse internet through the E2500.I have assigned one computer as the web server and set the internal IP addess of this computer as 192.168.1.128. This is the same for the setup with Verizon before.I loaded the CD came with the E2500 router and can see the LAN 192.168.1.128.My problem starts from here, I do not know how to set the port in E2500 to make the web traffic to 192.168.1.1281. Using the E2500 CD, I click to "APPLICATION AND GAMING", then "SINGLE PORT FORWARDING". under the APPLICATION NAME, I select one of the box to HTTP and type in 128 under "TO IP ADDRESS". I then click ENABLED, then "save settings" . The 192.168.1 is fixed in this window, I can only type 128.This does not work. I can browse internet but cannot access my website from any machines using domain name.Then I tried:2. with item 1 above, I continued to do SETUP>>BASIC SETUP>>DHCP RESEVERSATION. I can see the compute/sever name and the 192.168.1.128. I then click the "select" and save the client.I restarted the computer/server, I unplug and plug the E2500 power. I check the server internal IP address and it is still the same. But I just cannot browse to my website. I can browse other places.
View 9 Replies
View Related
Jul 29, 2012
So I am trying to get traffic from 192.168.1.33 on UDP ports 10000-20000 and port 5222 (udp) to have DSCP set to EF and Forwarded accordingly.
Building configuration...
Current configuration : 32481 bytes!! Last configuration change at 22:52:11 UTC Mon Jul 30 2012!version 12.2no mls acl tcam share-globalmls netflow interfacemls qosmls cef error action freezevty-async!!spanning-tree mode pvstdiagnostic bootup level completeaccess-list 99 permit 192.168.1.51access-list 99 permit 192.168.1.9access-list 99 permit 192.168.1.8access-list 99 permit 192.168.1.12access-list 111 permit udp any any range 10000 20000access-list 111 permit udp any any range 1 9999access-list 111 permit tcp any anyaccess-list 111 permit udp any any range 20001 49151access-list 111 permit udp any any range 50000 65535access-list 150 permit udp any any eq 5060!redundancymain-cpu auto-sync running-configmode sso!ip access-list extended Modesto_Officeremark Wireless Linkpermit tcp any any establishedpermit icmp any anypermit udp host 65.214.162.12 host 99.24.26.84 eq tftppermit ip host 65.214.162.24 host
[code]....
View 1 Replies
View Related
Jan 30, 2012
I know I can use the RTR statement to determine when the primary ISP circuit goes down via this technote: url...My question can I assign static Nats on the backup ISP connection to the same inside servers in the dmz.?Example 10.1.1.11 is mapped to ISP1 ExternaIP of 65.217.77.11. Can it 10.1.1.11 also be mapped to ISP2's 208.217.77.11?This way I can get my DNS changed and my inbound traffic to servers in my DMZ on the asa 5510 running 8.0.3 code can continue to receive Inbound traffic.
View 1 Replies
View Related
Nov 20, 2011
I'm running a Cisco ASA 5510 with version 7.2(3) and I've been tasked with permitting some inbound & outbound TCP & UDP ports to/from a specified address space on the internet.
In looking at my current ASA config I see other access lists already configured so I'm assuming I can just set up a new access list in similar fashion, but I wanted to verify here first.
View 6 Replies
View Related
Feb 5, 2013
-I need to configure the following on my PIX:
TCP port 2195 - outbound
-TCP port 2196 - inbound
How would I configure this via ASDM?
View 3 Replies
View Related
Dec 26, 2011
I’m trying to configure my ASA 5505, in order to allow my inbound and outbound mail communications. Here with this mail I’ve attached a diagram which illustrates my exact network setup along with ip addresses.
In this setup I’ve enabled port forwarding on my ADSL router (port 25 and 110) and configured the ASA accordingly, and my mail server is located inside my network.
My problem is currently I can send mails from my inside network to outside but my not receiving any mails which originate from outside. I’ve attached my current ASA configuration as well,
C:UsersSuthakarDocumentsOffice_DocsThakralABC Computers
Final config on ASA5505
host name Cisco
enable password 8Ry2YjIyt7RRXU24 encrypted
password 2KFQnbNIdI.2KYOU encrypted
names
!interface Vlan1
nameif inside
security-level 100
ip address 192.168.155.201 255.255.255.0
[Code] ......
View 3 Replies
View Related
Feb 28, 2012
I have a weather station at our high school that needs UDP port 9500 open inbound/outbound to specified IP addresses.
Cisco PIX Security Appliance Software Version 8.0(4)
Device Manager Version 6.1(5)57
View 1 Replies
View Related
May 15, 2012
RV220W - I'm trying to create a one-to-one NAT connection to a PC on my network. I have 5 static IP's assigned by my ISP. I've gone through the step of 'registering' each IP in turn on the WAN port, and pinging that IP from an external device until it starts to respond, then I set the WAN IP back to the one I want to use to manage the device.
I think what I want to do is simple. I simply want to NAT ALL traffic hitting my 2nd IP address, let's call it 24.15.120.73 (not the real value) to 192.168.1.10 internally. I want ALL ports both UDP and TCP to be forwarded. This Server is then going to be one end of a VPN tunnel going to another site, but I don't want to complicate things with that for now. So I can't even seem to get one-to-one NAT working! I created the one-to-one NAT on the Advanced tab of the firewall and created rules for all ports for UDP and TCP, but I can still never 'see' the internal server from the Internet. Also, the server will not get out to the Internet (can't hit Google, etc).
View 2 Replies
View Related
Feb 21, 2013
I'm intending to purchase a switch for work,and I need to limit the bandwidth of one of the ports to 25 Mbit upload and 25 Mbit download (we have 100/100 Mbit connection and the customer is only paying for 25). I been trying to find information on how this could be "properly" done and what kind of switch I need to buy. As far as I have understood, most L2+ switches support outbound rate limiting, but not inbound, and as I only want the customer to have 25 mbit up and down, I need both.
I been looking at a Cisco Catalyst 3560 switch, and I'm first and foremost wondering if I can limit the inbound AND outbound bandwidth on this switch? Perhaps it can even be done on a simpler, cheaper, switch - as I rather not spend more money then necessary?
Lastly, how to do it, limit the inbound and outbound bandwidth on a single port (perhaps on the above mentioned switch, if possible), to 25 Mbit?
View 3 Replies
View Related
Mar 17, 2013
I want to configure accesslists on my Catalyst 3750X-switches to protect different VLANs/networks. Any best-practices about inbound versus outbound accesslists? In my head it is more readable and easier to understand the config when accesslists are assigned outbound on the VLAN to protect instead of assigning them inbound on all possible source-VLANs. But of course, from a performance point-of-view it is better to use inbound access-lists to avoid un-necessary routing etc.
View 1 Replies
View Related
Oct 21, 2011
I have configured my e4200 to block traffic at certian times uses both the Parental Controls and the Intenet Access Polices. Neither one seems to work though. [code] I have the same MAC addresses specified in each rule. Initally I had only the first two rules. Those didn't work, so I added rule 3 and 4 (they do the same thing as rules 1 and 2 but from the opposite direction). There are no compliaints, but they don't stop any traffic.
I started with the Parental Controls, they didn't work either. The page in there that lets you pick which machines you want to block seemed next to worthless. I have about four rows listed as "Network Device." REALLY LAME! As the MAC addresses are accesible and these weren't working I went to the IAP.
View 5 Replies
View Related
Jul 25, 2011
if the firewall rules in the RVL200 work for inter LAN routing as well as LAN<->WAN? I need 2 separate networks in a house, 1 for business 1 for family, and I want to only allow my IP on network 1 (family net,10.0.0.0/24) access to network 2 (business net 10.0.1.0/24). I want this as if I change rooms were a access point for business is not available I can use the home net and specific IP to access certain business net IPs. I saw you can turn inter vlan routing on or off, but it wasn't clear on firewall rules.know of a similar router in cost but with gige instead of 100Mb ports?
View 1 Replies
View Related
Mar 19, 2013
We have a Cisco 2811 running ITP IOS. On that router we run the SMPP service. A client on the network connects to this service, and we need to capture the traffic for debug.
I've tried traffic-export, but I cannot see any outbound traffic.I'm guessing that this is due to the fact that the outbound SMPP traffic is not transit traffic as it is generated by the router itself.
Is there any way to capture the outbound traffic?
View 4 Replies
View Related
Jun 22, 2012
I have two 1800 routers running VRRP. Also I have two sub interface configured on both router and both router connected to swith through thunk link. My goal is to limit inbound traffic to 3Mbps for both VLANs on router's inside interface which is connected to switch.
View 1 Replies
View Related
Dec 1, 2012
Setup firewall rules that will block all inbound Internet access to the web server except port 443, Setup firewall rules that will block all communication between the two internal networks, except ports 7000 and 1702
View 1 Replies
View Related
Feb 20, 2009
I've purchased a WRT310N router to replace an existing wired router, and am in the process of setting up the outbound firewall rules. While I see settings to restrict access to all sites (or specific sites) for a specific protocol, I don't see an easy way to only allow access to one specific site.I want to restrict outbound SMTP to one server (my ISP's).
View 6 Replies
View Related
Feb 28, 2011
We're running 8.3(2) in the ASA5540. Users all over our enterprise connect to a business partner's application through the ASA/VPN. We have a class-b address space, and since the users are spread out all over the place, I have the entire class-b space as the local object in the ACL that allows traffic through the VPN tunnel.
The business partner has concerns that our entire address space is available to access the VPN tunnel. So I thought, to alleviate their concerns, to PAT all of our connections outbound to a single IP address.
How is this done in 8.3(2)? We use ASDM to configure the 5540. For example, say our class-b is 159.12.0.0 and the PAT'd IP address will be 199.30.36.6.
View 5 Replies
View Related
Aug 17, 2012
I have a server that I am using as a CCTV system. On the E3200, I have port forwarding setup so that it will forward port 3500 in to port 80 on my server. So from the internet, I can point my browser to my home IP address on port 3500 and see the images capture on the server.What I am finding is that from inside the network, I can connect to the cctv server all day long. When I try to connect to it from the internet using the external IP address on port 3500, the Linksys E3200 is dropping my inbound connection and it seems like it is blacklisting my IP address for several minutes. I can have a continuous ping going. As soon as I try to access the cctv webpage, my session drops, the pings start failing, and it remains that way for a short time.I thought that the router might be resetting itself, so I started a continous ping from two totally separate computers to my router, and from one of those computers I try to access the cctv server through the port forwarding, and the computer I tried it from one drop and its pings would start failing, at the same time the other computer was still able to continously ping my router.
View 9 Replies
View Related
Oct 9, 2011
So I recently purchased an E4200 to replace my aging and slightly ailing DLink DIR-655 which as served me well for going on 5 years. The part of the DLink that was giving me the issues was the wireless, the routing and switching worked fine however.
I do quite a lot of streaming of media from my home machine outside my network through the internet. Most recently I've been using Kalemsoft Media Streamer on my HP Touchpad, however I've used Zumocast, Windows Live, Splashtop, and a few others. I havent yet tried my PPTP VPN through the router for an extended period of time to see if it reflects this issue as well though.
Since replacing my 655 with the E4200 I've started experiencing a timeout issue. It seems to be semi-consistant and only happens after time of unuse or extended use (I havent timed it yet to see if it always happens after the same amount of time though).
Basically what occurs is this:
I'll be watching some video or listening to audio streaming from my machine and after a period of time (usually a long period of time) it'll suddenly lose connection, requiring me to re-connect through the software, like the NAT translation is timing out or something.
How it USED to work is this: It'd basically work until I stopped streaming.
My setup:
AT&T Uverse set to DMZPlus aiming towards my E4200 WAN port (sitting directly in place of the 655 I used to have)
All machines on the network are gigabit. I have ports 7000 and 7001 open for Kalemsoft Media Streamer on the E4200 per the specifications of the software.
The software understands UPnP so I have nothing specific forwarded on my machine, but I didnt previously either.
View 4 Replies
View Related
Oct 14, 2012
I have a LAN with several linux boxes (Fedora 17, both 32 and 64 bits), as well a a WInXP box. All of these are connected to the same switch, which is connected to the inside port of my PIX 515.
For a few sites (mozilla.org happens to be one of them), for http access, the tcp connection is established, but the "GET" request - or anything else for that matter - will not go through the PIX (from inside to wan). I have verified this by first, using wireshark to watch the packets being sent out from the client box, then by using the trace function in the PIX to see that the packets ARE arriving at the inside interface, but ARE NOT sent out of the wan interface.
This is for the linux boxes ONLY. When I do the same thing with my WinXP box, all works: in the PIX trace, I see the packets arrive at the inside interface, and leave the wan interace. And access to these sites are okay.
(What's a bit weird, although somewhat expected, when I connect my android phone to my LAN via WiFi, it too is unable to reach those sites - but then again, android is linux, right?)
In addition to the tracing, I have narrowed this problem down by connecting a linux box directly to my DSL router, then replacing the PIX with a simple router/gateway. Both of those solutions work.
Some background:
I have been using this PIX for about 10 years now, with the same configuration (except IP addresses). Only in the last several months has this problem started to show up.
I got this pix from a dead company at a really great price (free), so I'd like to keep it, and not have to spend money on something else. I don't have any support license, and have not been able to get any software upgrades. Here is its version info:
taz(config)# sho ver
Cisco PIX Firewall Version 6.2(2)
Cisco PIX Device Manager Version 2.0(2)
Compiled on Fri 07-Jun-02 17:49 by (code)
Serial Number: 405200362 (0x1826ddea)
Running Activation Key: 0x38ac31f3 0x0630df47 0x9a77b805 0x8bc39a60
PS: Since this PIX is at its end of life, I was wondering if any of the software upgrades would be now available without a license?
View 2 Replies
View Related
Apr 4, 2013
We've got a proyect that requires a few thin clients to connect to a remote PCoIP server.
Looking to the documentation, the only port required to be open through Firewalls is TCP/UDP 4172, however, we've seen (making interface captures) that it somehow also uses ESP (IP protocol 50).
We've got a static NAT translation translating those thin clients to a public IP address, we've created ACLs to allow inbound (shouldn't be necessary as our user is connecting to a remote server) and outbound traffic for TCP/UDP 4172 and ESP and I cannot make it work.
I've also enabled IPSec pass-through Inspection to no avail.
how should we configure our ASA to enable this kind of traffic?
View 4 Replies
View Related
Feb 29, 2012
I have hooked up to the Cisco 2821 router a T1 on Serial and Cable Modem to GigEth0/1 and I want to split outbound traffic so that all regular users will use G0/1 interface for web traffic and the rest of the traffic stays with the T1. I am having an issue where the users on the network are not able to use the internet when using the following config:
!
interface GigabitEthernet0/0.10
description Data
encapsulation dot1Q 50
[Code].....
View 11 Replies
View Related
Sep 17, 2012
I have a remote office with a 1.54mb circuit connected to our private MPLS network. Our main office has a 20mb conneciton to said network. I want to set a QoS policy for traffic from the remote office to our Avaya subnet within the main office. This policy is to give priority to all traffic to the Avaya G350.
I have set up the outbound traffic policy on our remote office router using a policy map as follows:
access-list 101 permit ip any 192.168.0.0 0.0.255.255 (this represents the Avaya subnet)
class-map match-all voice_outbound
match access-group 101
policy-map voip_outbound
class voice_outbound
priority percent 50
interface Serial0/3/0
service-policy output voip_outbound
This works fine for outbound traffic. Now how do I give priority to inbound traffic from the 192.168.0.0 network? When I try to do similar command it says CBWFQ is only configurable as output, not input.
I'd just limit it at the far end, but that has a 20mb pipe. All other traffic from our corporate datacenter, as well as internet traffic, flows from the main office to the remote office. Should I just rate limit everything else destined for the remote office subnet, and if so, what's the best method?
View 4 Replies
View Related
Mar 10, 2011
I've had a Cisco ASA 5505 firewall connected to a cable modem (Virgin Media, UK) for the past 3 years. In the last 6 months or so I have noticed that the ASA would drop the outside (internet) connection intermittently, usually at least once every 1-2 weeks - the interface still shows as being up but no traffic crosses it, and computers on the inside network abruptly lose internet connectivity. Rebooting the ASA or administratively shutting down the interface and bringing it back up again would cure the problem straight away until the next time it happens.
In the last couple of days however despite nothing having been changed in the configuration the frequency of this connection drop has increased to the point where I would lose access to the internet within an hour of rebooting the ASA. It does not seem to matter whether or not there is traffic currently going out or not, inside computers just appear to suddenly lose internet connectivity.
I have tried the following without success:
1) I completely wiped the configuration (configure factory-default)
2) I changed the port the cable modem was connected to (eth0/0 -> eth0/7, changing switchport vlan accordingly)
I thought perhaps 2) had fixed it but it lasted a whole 2 hours before I woke up this morning to find that none of the internal equipment had internet access despite the fact eth0/7 was showing as up/up in ASA CLI.
This morning I manually set the eth0/7 port to "speed 10" (10Mbps, full duplex). It was previously set to be auto-negotiation (default) on both speed and duplex. As of this post it has managed to keep the outside connection up for 3 hours - but I'm not optimistic that it is fixed.
Interface counters have never shown any collisions, errors, etc - only packets input and output as expected.
Since the problem persisted across ports (eth0/0 -> eth0/7) I'm wondering whether or not the problem could either be faulty memory, or some kind of speed/duplex incompatibility between the cable modem and ASA.
View 13 Replies
View Related