From: Paul N. Kolesnikov (paul@xxxxxx)
Date: Sun Jan 06 2002 - 13:07:06 GMT-3
Hello CCIE,
Sunday, January 06, 2002, 1:29:39 AM, you wrote:
CS> "By default, Cisco routers bridge IPX traffic. To change this behavior, you
CS> must configure ipx routing on the router. IPX, using 802.2 encapsulation,
CS> uses SAP 0xE0 as the DSAP and SSAP. Therefore, if a Cisco router is bridgin
g
CS> IPX and the requirement is to permit only this type of traffic, use this
CS> ACL:
CS> access-list 200 permit 0xE0E0 0x0101"
CS> http://www.cisco.com/warp/public/698/acl200.html
CS> Is this a misprint? Should it be 0xE0E0 0x0000?? It doesn't mention whether
CS> or not E1 is a response. In the above paragraphs, it does mention that
CS> NetBIOS has response F1, and that SNA has response too.
CS> Thx
If you see in the PDF file at this link you'll find
"...use this ACL:
access-list 200 permit 0xE0E0 0x0000
On the other hand, the following ACL blocks IPX and allows the rest of the traf
fic:
access-list 200 deny 0xE0E0 0x0000
access-list 200 permit 0x0000 0xFFFF"
with other wilcards as in the HTML ;-)
---- Best regards,Paul N. Kolesnikov Etel Inc., Ryazan Tel. (+7) (0912) 21 5621 Fax (+7) (0912) 21 5767 mailto:paul@etr.ru http://www.ryazan.net
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:56:17 GMT-3