From: MOLINA, MARTIN J *Internet* (PBI) (mm1343@xxxxxxx)
Date: Thu Mar 28 2002 - 21:48:19 GMT-3
Group,
If one were presented with the following requirement:
Configure R3's Token interface so that its attached workstations will only
be able to see two workstations out on the network with Netbios names
"System3" and "System9".
My knee-jerk solution was the following:
netbios access-list host R3 permit System3
netbios access-list host R3 permit System9
applied to R3's Token interface as : netbios output-access-filter host R3
However, the solution in the book I'm working out of lists the following
solution:
netbios access-list host test permit System3
netbios access-list host test deny *
netbios access-list host rest permit System9
netbios access-list host rest deny *
applied to R3's Token interface as : access-expression input
(netbios-host(test) | netbios-host(rest))
My questions are :
1. What is the deal with direction (input as opposed to output)? I would
think the solution would have to be applied outbound on R3's Token interface
(toward the workstations on R3's ring).
2. Why wouldn't my solution work (assuming the direction was correct)?
Thanks in advance.
Martin Molina
Senior Network Engineer
Pacific Bell Internet Services
CCNP CCDP
desk: 925 973-7774
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:24 GMT-3