From: Jay Hennigan (jay@xxxxxxxx)
Date: Thu Aug 05 1999 - 15:12:29 GMT-3
On Wed, 4 Aug 1999, Rahmlow, Howard F. wrote:
> I think I have been working on this to long that last few days. Things I
> knew, and worked dont. So here is the dumb question of the day.
>
> Here is the access-list
> access-list 101 deny tcp host 192.63.65.14 host 192.63.65.5 eq 23
> access-list 101 permit ip any any
>
> Interface commands
> Int S0
> clockrate 9600
> ip add 192.63.65.14 255.255.255.252
> ip access-group 101 out
>
> when logged in to the router I can telnet to the host 192.63.65.5 (its
> another router),
> What dumb thing am I missing. If I move the access-list to another router
> between the two, the access-list workes fine.
After you've telnetted to the other router, do a "sho users" on it and
see if the "Location" matches 192.63.65.14. Your router (from which you
are doing the telnet) defaults to using its first ethernet address as the
source. Try filtering that IP.
-- -- Jay Hennigan jay@west.net 805-884-6323 -- WestNet: Internet service to Santa Barbara, Ventura and the world.
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:21:46 GMT-3