Hello Allan, That is in FACT what you need to do, however be careful because the port for Gdoi (UDP 848) does not appear there as open port even if the router is the Key server. So if your router is key server or if it is running GET, you need to have that in mind.
Mike Rojas. From: [email protected] To: [email protected] Date: Thu, 4 Oct 2012 22:57:46 +0000 Subject: [OSL | CCIE_Security] Control Plane protection host Hello, When the question says: Use control plane protection in order to block and log all connections to the closed ports but make sure the traffic to/from the router still works. It is a good a approach to use the command show control-plane host open-ports to see what ports are listening on the router and use these ports on the class-map with the match not port TCP/UDP ## ??? Thanks --------------------------------------------------------------------- Allan Castro _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
