Access expression on token ring

From: Lupi, Guy (Guy.Lupi@xxxxxxxxxxxxx)
Date: Fri Mar 22 2002 - 19:24:07 GMT-3

• Next message: Amer Mdanat: "RE: atm pvc"
• Previous message: Sam Munzani: "Re: IPSec images"
• Next in thread: Chua, Parry: "RE: Access expression on token ring"
• Maybe reply: Chua, Parry: "RE: Access expression on token ring"
• Maybe reply: Ahmed Mamoor Amimi: "Re: Access expression on token ring"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
I am doing a lab, and the requirement is "only allow SNA traffic to mac
address 3745.0001.0001 onto ring 2". So here is the config:

access-list 200 permit 0x0000 0x0D0D
access-list 700 permit 3745.0001.0001 0000.0000.0000
!
interface TokenRing0
 ip address 10.10.10.1 255.255.255.240
 no ip directed-broadcast
 ip nat inside
 ring-speed 16
 access-expression output (dmac(700) & lsap(200))

I put the access expression as an output because I would think that this
would stop all traffic that is not sna and destined for mac address
3745.0001.0001 from being sent OUT of the token ring interface, and hence
onto ring 2. The author has the access expression as input, not output. Am
I correct here or am I missing something? Thanks.

• Next message: Amer Mdanat: "RE: atm pvc"
• Previous message: Sam Munzani: "Re: IPSec images"
• Next in thread: Chua, Parry: "RE: Access expression on token ring"
• Maybe reply: Chua, Parry: "RE: Access expression on token ring"
• Maybe reply: Ahmed Mamoor Amimi: "Re: Access expression on token ring"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:18 GMT-3