From: Brian (signal@xxxxxxxxxx)
Date: Mon Aug 20 2001 - 15:41:00 GMT-3
On Mon, 20 Aug 2001 ELAW@dr.dk wrote:
> I generally use the following ACL:
>
> access-list 900 deny 0 any all any 457
> access-list 900 deny rip any rip any rip
> access-list 900 deny sap any sap any sap
> access-list 900 permit any any all any all
The 457 is serialization which would be if you had actual clients on the
network (non-WAN). If thats the case, you may wish to also put
access-list 900 deny any any all any ncp
as well, to block NCP stuff.
Brian
>
> It's taken from the 12.0 docs and rewritten with keywords.
>
> What beats me with IPX is why you need both the protocol and a socket with
> RIP and SAP.
> I tend to think of IPX protocol numbers as similar til IP protocol numbers,
> and sockets as TCP/UDP port numbers,
> but why do you need both?
>
> --Erik
> **Please read:http://www.groupstudy.com/list/posting.html
-----------------------------------------------
I'm buying / selling used CISCO gear!!
email me for a quote
Brian Feeny, CCIE #8036 Scarlett Parria
signal@netjam.net scarlett@netjam.net
318-213-4709 318-213-4701
Netjam, LLC http://www.netjam.net
333 Texas St. VISA/MC/AMEX/COD
Suite 1401 30 day warranty
Shreveport, LA 71101 Cisco Channel Partner
toll free: 866-2NETJAM
phone: 318-212-0245
fax: 318-212-0246
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:54 GMT-3