From: Wes Stevens (ccie_miami@xxxxxxxxxxx)
Date: Mon Apr 08 2002 - 08:57:36 GMT-3
In real life sna the mainframe side usually uses 4 as the sap, can use 8 and
c is almost never used. From the client side you can see any sap from 0x4 to
0x100.
>From: "Chua, Parry" <Parry.Chua@compaq.com>
>Reply-To: "Chua, Parry" <Parry.Chua@compaq.com>
>To: "Larry Whitfill" <whitfill@cox.net>, <ccielab@groupstudy.com>
>Subject: RE: SAP ACLs
>Date: Mon, 8 Apr 2002 11:15:29 +0800
>
>For testing, i would suggest you to do the following.
>
>- Create three access-list
>+- access-list 201 permit 0x0404 0x0101
>+- access-list 202 permit 0x0808 0x0101
>+- access-list 203 permit 0x0000 0x0d0d
>
>Create 3 SNA session using lasp 4, 8, C.
>
>Test with each access-list and see the result. access-list 201 should allow
>ony lsap 4, 202 should allow lsap 8 and 203 should allow all three lsap.
>
>Parry Chua
>
>-----Original Message-----
>From: Larry Whitfill [mailto:whitfill@cox.net]
>Sent: Monday, April 08, 2002 10:42 AM
>To: ccielab@groupstudy.com
>Subject: SAP ACLs
>
>
>http://www.cisco.com/warp/public/698/acl200.html#caseD
>
>Friends,
>
>This may be old news but I found this after investigating a discrepancy in
>the Practical Studies book. I'm particularly interested in the advised
>method of filtering SNA:
>
>"access-list 201 deny 0x0000 0x0d0d"
>
>The site admits that not all SNA SAPS will be filtered by this, but is it
>safe to assume that this is good enough for testing purposes?
>
>Larry
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:59 GMT-3