How to create and implement QOS for Blocking TCP 137-139, TCP445 and UDP 137-139
(Its help for blocking file sharing for different subnet)
PORT BLOCKING CONFIGURATION
Use the Policy Service Command for this
1. Create a Policy Service for every UDP/TCP Port you want to block.
policy service service_name
[protocol protocol]
[source ip port port[-port]]
[destination ip port port[-port]]
[source tcp port port[-port]]
[destination tcp port port[-port]]
[source udp port port[-port]]
[destination udp port port[-port]]
2. Map these Policy Services to a Policy Service Group
policy service group service_group service_name1 [service_name2...]
3. Map this Policy Service Group to a Policy Condition.
policy condition condition_name [service group service_group]
4. Create a 2 Nos Policy Action One for Accept and other for Deny…
policy action action_name [disposition {accept | drop | deny}]
5. Map the above to a Policy rule……
policy rule rule_name [enable] [precedence precedence] [condition condition] [action action] no validity period]
6. Apply the Policy created……
qos apply
No comments:
Post a Comment