Fwd: DLSW Filter

From: George Wolf (hydraspt@xxxxxxxxx)
Date: Tue Feb 01 2000 - 10:17:40 GMT-3

• Next message: George Wolf: "Re: :RWLS DLSW unconfirmed ??"
• Previous message: Michel Bijnsdorp: ":RWLS DLSW unconfirmed ??"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Ben, it really is an effective filter. If you don't
want to have the netbios traffic sent accross the wan
you must make sure you block the specific sap w/ a
dlsw Icannot reach sap F0 etc..

If you want to do something different you can use
mac specific 701 filters on the Lan port and you
can even get real fancy w/ boolean and/or like
combining them w/ a 201.

ie.

access-expression input (smac(701) & lsap(201))
sho access-list 701
Bridge address access list 701
    permit 0000.7700.9938 c000.0000.0000
sho access-list 201
Type code access list 201
    permit 0x0000 0x7D7D

this filter would let the mac above w/ the given 201
saps permission.

The nice thing about mac exclusives is they are simple
to remember to configure and your router wont get
blasted by explorer traffic from other peers.

here's the lsap list from the cisco page.

http://www.cisco.com/warp/public/111/12.html

HTH,

George

Note: forwarded message attached.

• Next message: George Wolf: "Re: :RWLS DLSW unconfirmed ??"
• Previous message: Michel Bijnsdorp: ":RWLS DLSW unconfirmed ??"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:22:52 GMT-3