
Premetto che sono un novellino ma con tanta voglia di imparare

Vorrei bloccare tutto il traffico in entrata proveniente da internet (in ingresso alla WIC) lasciando "passare" esclusivamente la porta 4682. Con la configurazione sotto riportata, appena applico l'acl 111 all'interfaccia Dialer0 non navigo più!!!

Grazie a tutti
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 xxxxx
enable password xxxxx
!
no aaa new-model
ip subnet-zero
no ip source-route
ip cef
!
!
ip domain name tin.it
ip name-server 212.216.112.112
ip name-server 212.216.172.62
!
!
!
!
!
interface ATM0/0
no ip address
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
hold-queue 224 in
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0/0
ip address 192.168.0.100 255.255.255.0
ip nat inside
speed auto
full-duplex
no cdp enable
!
interface Serial0/1
no ip address
shutdown
no cdp enable
!
interface Dialer0
ip address negotiated
ip access-group 111 in
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp pap sent-username xxx password 0 xxx
!
ip nat inside source list 1 interface Dialer0 overload
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 111 permit tcp any any eq 4672
access-list 111 deny ip any any
no cdp run
!
snmp-server community public RO
snmp-server enable traps tty
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
password xxx
login
!
!
!
end