Re: Permit DLSW in Access-list

From: Yogesh Kale (ykale@xxxxxxxxxxx)
Date: Mon Mar 13 2000 - 11:19:30 GMT-3


   
Adding to the question ... Do we need to allow 2067 as well ??? Bruce Caslow
specified tcp ports 2065 (read) and 2067 (write) for the DLSW. What is
priority in DLSW and where is it used?

>From: "Joshua W. Watkins" <josh@mstates.com>
>Reply-To: "Joshua W. Watkins" <josh@mstates.com>
>To: Khurram Khani <ajmal@emirates.net.ae>
>CC: ccielab@groupstudy.com
>Subject: Re: Permit DLSW in Access-list
>Date: Sat, 11 Mar 2000 10:34:14 -700
>
>
>When DLSW peers establish, they don't connect from 2065 to 2065. They
>use a higher port number to connect up on, i.e. 11000. You need to
>allow this port through your ACL as well. Check it out.
>
>
>R5 --(DLSW peers)-- R5
>
>r4#sh tcp brief
>TCB Local Address Foreign Address (state)
>001B99C0 10.4.255.1.2065 10.5.255.1.11000 ESTAB
>
>r5#sh tcp brief
>TCB Local Address Foreign Address (state)
>0029A510 10.5.255.1.11000 10.4.255.1.2065 ESTAB
>
>Notice the routers using port 11,000.
>
> > Hi.
> >
> > R1--(serial)----R2 ----(serial)--- R3
> >
> > In R2 , I applied an Access-list to only permit TCP eq 23. Now I
> > am trying to permit DLSW as well
> >
> > I have configured a DLSW Peer between R1 and R3
> >
> > In R2 , I have put
> >
> > access-list 101 permit tcp any any eq 2065
> > access-list 101 permit tcp any any eq 1981
> > access-list 101 permit tcp any any eq 1982
> > access-list 101 permit tcp any any eq 1983
> > access-list 101 permit tcp any any eq telnet
> >
> >
> > With # show dlsw peer I can clearly see that DLSW State is going
> > from WAIT to DISC again and again. When I remove access-list it
> > changes to CONNECT
> >
> > Any clue?
> >
> > Khurram.
> >
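
The session from the `sh tcp brief` output above, run through a small model of extended-ACL matching. This is an added example, not part of the original thread. It assumes access-list 101 on R2 filters both directions of the peer connection, and the extra entry matching on source port 2065 is an illustrative assumption rather than a line any poster gave.

```python
# Added example: minimal model of IOS extended-ACL matching on TCP ports.
from typing import NamedTuple, Optional

NAMED_PORTS = {"telnet": 23}

class Rule(NamedTuple):
    action: str
    sport: Optional[int]   # None means any source port
    dport: Optional[int]   # None means any destination port

class Segment(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

def _port(tok, i):
    """Return (port, next_index) for an optional 'eq <port>' at tok[i]."""
    if i < len(tok) and tok[i] == "eq":
        return int(NAMED_PORTS.get(tok[i + 1], tok[i + 1])), i + 2
    return None, i

def parse_rule(line):
    """Parse 'access-list N permit|deny tcp any [eq P] any [eq P]'."""
    tok = line.split()
    sport, i = _port(tok, 5)        # tok[4] is the source 'any'
    dport, _ = _port(tok, i + 1)    # skip the destination 'any'
    return Rule(tok[2], sport, dport)

def evaluate(acl, seg):
    """First matching entry wins; no match falls to the implicit deny."""
    for rule in acl:
        if rule.sport in (None, seg.sport) and rule.dport in (None, seg.dport):
            return rule.action
    return "deny"

# access-list 101 exactly as posted in the thread
ACL_101 = [parse_rule(f"access-list 101 permit tcp any any eq {p}")
           for p in ("2065", "1981", "1982", "1983", "telnet")]

# Both directions of the session shown in 'sh tcp brief'
TO_2065 = Segment("10.5.255.1", 11000, "10.4.255.1", 2065)
FROM_2065 = Segment("10.4.255.1", 2065, "10.5.255.1", 11000)

# Assumption (not from the thread): an entry matching on source port 2065
ACL_101_FIXED = ACL_101 + [parse_rule("access-list 101 permit tcp any eq 2065 any")]

if __name__ == "__main__":
    for name, acl in (("posted", ACL_101), ("with source-port entry", ACL_101_FIXED)):
        print(name, evaluate(acl, TO_2065), evaluate(acl, FROM_2065))
```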


