
Vlan Access-maps

February 22nd, 2008


So I forgot to put this up yesterday. Here it is. I was asked to filter port 139 traffic before it got to a router. To accomplish this, I went to the switch that was connected to the router and did it on the VLAN. To test, I went to a workstation connected to the switch, telnetted to the router on port 139, and watched a separate ACL that I put on the router increment. After applying this VLAN access map on the switch and repeating the test from the workstation, the ACL on the router no longer incremented.


! -- Start with the ACL to match the port 139 traffic. (Yes, it's a permit statement:
!    the permit only selects the traffic, the access-map action decides its fate.)
!
access-list 139 permit tcp any any eq 139
!
! -- Next, write the VLAN access-map to match that ACL and drop the traffic.
!
vlan access-map NO139 10
 action drop
 match ip address 139
! Sequence 20 has no match clause, so it forwards everything else.
vlan access-map NO139 20
 action forward
!
! -- Now apply it to the VLAN!
!
vlan filter NO139 vlan-list 37
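
The evaluation order this configuration relies on, as an added example that is not part of the original post: a small Python model (function names are hypothetical) that parses the post's ACL and access-map and returns the action for a TCP destination port. It handles only the `tcp any any eq <port>` ACL form used here, and it assumes the Catalyst VLAN-map rule that IP traffic matching no entry is dropped once the map contains an IP match clause.

```python
# The configuration from the post, reproduced as input text.
CONFIG = """\
access-list 139 permit tcp any any eq 139
vlan access-map NO139 10
 action drop
 match ip address 139
vlan access-map NO139 20
 action forward
"""

def parse(config):
    """Return (acls, entries): acls maps ACL id -> [(is_permit, dst_port)],
    entries is a list of [sequence, action, matched_acl_or_None]."""
    acls, entries = {}, []
    for line in config.splitlines():
        words = line.split()
        if words[:1] == ["access-list"]:
            # Only 'tcp any any eq <port>' is modelled (the form in the post).
            acls.setdefault(words[1], []).append((words[2] == "permit", int(words[-1])))
        elif words[:2] == ["vlan", "access-map"]:
            entries.append([int(words[3]), None, None])
        elif words[:1] == ["action"]:
            entries[-1][1] = words[1]
        elif words[:3] == ["match", "ip", "address"]:
            entries[-1][2] = words[3]
    return acls, sorted(entries, key=lambda e: e[0])

def acl_selects(aces, dst_port):
    """First matching ACE decides; 'permit' means 'selected by this map entry'."""
    for is_permit, port in aces:
        if port == dst_port:
            return is_permit
    return False  # implicit deny at the end of the ACL: not selected

def vacl_action(config, dst_port):
    """Action the VLAN map takes on a TCP packet to dst_port."""
    acls, entries = parse(config)
    for _seq, action, acl in entries:
        # An entry without a match clause applies to every packet.
        if acl is None or acl_selects(acls[acl], dst_port):
            return action
    # Assumption: Catalyst VLAN maps drop IP traffic that matches no entry
    # when the map contains at least one IP match clause.
    return "drop"

if __name__ == "__main__":
    for port in (139, 445, 23):
        print(port, vacl_action(CONFIG, port))
```

Removing sequence 20 from the input makes every port return `drop`, and changing the ACL to `deny` lets port 139 fall through to sequence 20 and be forwarded, which is why the ACL has to be a permit.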


Tags: CCIE Security
