RE: DLSW NB name filtering

From: Lykourgiotis Paraskevas (ParaskevasL@xxxxxxxxxxxx)
Date: Wed Jan 10 2001 - 06:01:41 GMT-3


   
Hi,

I think that your access list is not working because when you say "deny
CHUCK1200" and "dlsw ... host-netbios-out nbnames", in fact you deny the
destination, not the source netbios-name.

-----Original Message-----
From: Chuck Church [mailto:cchurch@MAGNACOM.com]
Sent: Wednesday, January 10, 2001 3:28 AM
To: 'Ronnie Royston'; CCIE Lab group (E-mail)
Subject: RE: DLSW NB name filtering

Sorry I wasn't totally clear on the DLSW config. These are all my important
DLSW lines:

netbios access-list host nbnames deny CHUCK1200
netbios access-list host nbnames permit *
!
dlsw local-peer peer-id 192.168.11.1
dlsw remote-peer 0 tcp 192.168.101.1 host-netbios-out nbnames
dlsw bridge-group 1

The CHUCK1200 device is hanging off of this router's e0 interface, which is
in bridge group 1. I also tried CHUCK* on the deny line, and got the same
result.

Chuck Church
CCNP, CCDP, MCNE, MCSE
Sr. Network Engineer
Magnacom Technologies
140 N. Rt. 303
Valley Cottage, NY 10989
845-267-4000 x218

-----Original Message-----
From: Ronnie Royston [mailto:RonnieR@globaldatasys.com]
Sent: Tuesday, January 09, 2001 4:46 PM
To: 'Chuck Church'; CCIE Lab group (E-mail)
Subject: RE: DLSW NB name filtering

Is this what you have?

netbios access-list host FILTER_1 deny STATION1
netbios access-list host FILTER_1 permit *
!
dlsw local-peer peer-id 30.3.3.3
dlsw remote-peer 0 tcp 1.1.1.1 host-netbios-out FILTER_1

-----Original Message-----
From: Chuck Church [mailto:cchurch@MAGNACOM.com]
Sent: Tuesday, January 09, 2001 12:34 PM
To: CCIE Lab group (E-mail)
Subject: DLSW NB name filtering

All,

      I'm trying to filter out netbios names before they get to my DLSW
peer. Network looks like:

(CHUCK1200 laptop)--ethernet--routerC----serial HDLC--routerA--ethernet
                               DLSW-------------------DLSW

 My NB name ACLs on router C are:

netbios access-list host nbnames deny CHUCK1200
netbios access-list host nbnames permit *

If I use it like this, CHUCK1200 gets through to the other peer. If I remove
the 'permit *' line, the device gets blocked, either because of the first
line, or by an implicit deny (I'm not sure if these NB ACLs have an implicit
deny). Any ideas?

Thanks,

Chuck Church
CCNP, CCDP, MCNE, MCSE
Sr. Network Engineer
Magnacom Technologies
140 N. Rt. 303
Valley Cottage, NY 10989
845-267-4000 x218


