Re: netbios filter on DLSW - am I missing something?

From: Roger Dellaca (rdellaca@xxxxxxxxxx)
Date: Fri Jan 19 2001 - 19:23:28 GMT-3

• Next message: omoruyi usuanlele: "RE: Technical questions - BGP - QOS etc"
• Previous message: David FAHED: "Re: unidentified snap frame from catalyst keeping up isdn betweendlsw peers"
• Maybe in reply to: Connary, Julie Ann: "netbios filter on DLSW - am I missing something?"
• Next in thread: Fred Ingham: "Re: netbios filter on DLSW - am I missing something?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
If I've read your scenario right, the netbios access-list on R3 should deny JUL
IE-95.
or put the existing one on R2.

>>> "Connary, Julie Ann" <jconnary@cisco.com> 01/19 2:05 PM >>>
Hi All,

I went back and read all the messages on netbios filtering and it still
doesn't work as I expected, can
someone point out my problem? I think I'm just missing something really
simple here.

I have a simple netowrk:

--------netbeuie pc-on Ethernet---r2------ip network-----r3----ethernet -
netbeui pc

      name
jconnary-w2k
          netbios name julie-95

So I wanted to prevent jconnary-w2k on R3's ethernet from establishing a
circuit with julie-95 on R2's ethernet.

First I filtered sap f0f0, worked great.
Then I tried netbios name filtering.

On R3 I setup a netbios access-list and applied it to the remote-peer
statement for R2.

netbios access-list host selab deny JCONNARY-W2K
netbios access-list host selab permit *
enable password cisco
!
username r5 password 0 julie
ip subnet-zero
no ip domain-lookup
isdn switch-type basic-ni
!
sap-priority-list 1 medium dmac 0001.38ac.1f00
source-bridge ring-group 30
dlsw local-peer peer-id 170.100.3.1
dlsw remote-peer 0 tcp 170.100.25.2 priority host-netbios-out selab
dlsw duplicate-path-bias load-balance
dlsw timer explorer-wait-time 10

But I still get a connection. I looked at debug and I can watch the
connection be setup - but why? I even tried lower and upper case
on my access-list with the same results. I then read manuals and looked in
emails and they all say to do it this way - that this would filter the
request from jconnary-w2k going to julie-95 and would
filter any return traffic if julie-95 tried to establish the connection.

Or have I got that wrong?

Julie Ann
------------------------------------------------------------------------
                                         Julie Ann Connary
           | | Network Consulting Engineer
          ||| ||| Federal Support Program
        .|||||. .|||||. 13635 Dulles Technology Drive,
Herndon VA 20171
      .:|||||||||:.:|||||||||:. Pager: 1-888-642-0551
     c i s c o S y s t e m s Email: jconnary@cisco.com

------------------------------------------------------------------------

• Next message: omoruyi usuanlele: "RE: Technical questions - BGP - QOS etc"
• Previous message: David FAHED: "Re: unidentified snap frame from catalyst keeping up isdn betweendlsw peers"
• Maybe in reply to: Connary, Julie Ann: "netbios filter on DLSW - am I missing something?"
• Next in thread: Fred Ingham: "Re: netbios filter on DLSW - am I missing something?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:27:36 GMT-3