Re: Question about Lock and Key ACLs

From: Jaspreet Bhatia (jasbhati@xxxxxxxxx)
Date: Thu Apr 18 2002 - 23:50:05 GMT-3


   
Hansang,

Here you go. Here is the config for the router on
which the Lock and Key is implemented.

version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname GreenBay
!
logging buffered 4096 debugging
enable password cisco
!
username SanDiego password 0 cisco
username jas1 password 0 cisco
username jas
username jas autocommand access-enable timeout 500
!
!
!
!
ip subnet-zero
no ip domain-lookup
ip host r14 170.10.23.2
ip host no 170.10.23.2
ip name-server 1.1.1.1
!
isdn switch-type basic-ni
cns event-service server
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
  ip address 170.10.22.1 255.255.255.0
  no keepalive
!
interface Ethernet0/1
  no ip address
  shutdown
!
interface BRI1/0
  ip address 172.10.129.1 255.255.255.252
  encapsulation ppp
  ip ospf cost 9999
  ip ospf demand-circuit
  dialer idle-timeout 300
  dialer map ip 172.10.129.2 name SanDiego broadcast 8995101
  dialer load-threshold 3 either
  dialer-group 1
  isdn switch-type basic-ni
  isdn spid1 5401 8995401
  isdn spid2 5402 8995402
  ppp authentication chap
  ppp multilink
!
interface BRI1/1
  no ip address
  shutdown
  isdn switch-type basic-ni
!
interface BRI1/2
  no ip address
  shutdown
  isdn switch-type basic-ni
!
interface BRI1/3
  no ip address
  shutdown
  isdn switch-type basic-ni
!
interface BRI1/4
  no ip address
  shutdown
  isdn switch-type basic-ni
!
interface BRI1/5
  no ip address
  shutdown
  isdn switch-type basic-ni
!
interface BRI1/6
  no ip address
  shutdown
  isdn switch-type basic-ni
!
interface BRI1/7
  no ip address
  shutdown
  isdn switch-type basic-ni
!
interface Ethernet2/0
  no ip address
  shutdown
!
interface Ethernet2/1
  no ip address
  shutdown
!
interface Ethernet2/2
  no ip address
  shutdown
!
interface Ethernet2/3
  no ip address
  shutdown
!
interface Serial3/0
  bandwidth 56000
  no ip address
  encapsulation frame-relay
  no fair-queue
!
interface Serial3/0.1 point-to-point
  bandwidth 56
  ip address 172.10.29.1 255.255.255.252
  frame-relay interface-dlci 201
!
interface Serial3/1
  bandwidth 64
  ip address 170.10.23.1 255.255.255.252
  ip access-group 101 in
  clockrate 64000
!
interface Serial3/2
  no ip address
  shutdown
!
interface Serial3/3
  no ip address
  shutdown
!
interface Serial3/4
  no ip address
  shutdown
!
interface Serial3/5
  no ip address
  shutdown
!
interface Serial3/6
  no ip address
  shutdown
!
interface Serial3/7
  no ip address
  shutdown
!
router eigrp 1
  redistribute ospf 1 metric 10000 100 100 1 1500
  passive-interface BRI1/0
  passive-interface Serial3/0
  network 170.10.0.0
  no auto-summary
  no eigrp log-neighbor-changes
!
router ospf 1
  log-adjacency-changes
  redistribute eigrp 1 subnets route-map eigrp-to-ospf
  passive-interface Serial3/1
  network 172.10.29.1 0.0.0.0 area 0
  network 172.10.129.1 0.0.0.0 area 0
!
router bgp 1
!
ip classless
no ip http server
!
!
map-class dialer myclass
  dialer callback-server username
!
map-class dialer class
logging 1.1.1.1
access-list 1 permit 170.10.129.0 0.0.0.3
access-list 100 permit udp any any eq rip
access-list 101 permit eigrp any any
access-list 101 permit tcp any host 170.10.23.1
access-list 101 dynamic firewall timeout 600 permit ip any any
dialer watch-list 2 ip 170.10.49.0 255.255.255.0
dialer-list 1 protocol ip permit
route-map eigrp-to-ospf deny 10
  match ip address 1
!
route-map eigrp-to-ospf permit 20
!
!
!
!
alias exec s show ip int brief
!
line con 0
  transport input none
line aux 0
line vty 0 2
  login local
  autocommand access-enable timeout 5
line vty 3 4
  login local
  rotary 1
!
end

GreenBay#

Thanks

Jaspreet
At 09:25 PM 4/18/2002 -0400, Hansang Bae wrote:
>At 09:18 AM 4/18/2002 -0700, Jaspreet Bhatia wrote:
> >Thanks for your suggestion. I did try it this way
> >as per the Groupstudy archives, and a message by Brian Dennis said the
> >same thing. But I am getting this message when I try to telnet into the
> >lines vty 3 or 4
> >Phoenix1#telnet 170.10.23.1 3001
> >Trying 170.10.23.1, 3001 ... Open
> >User Access Verification
> >Username: jas1
> >Password:
> >Password OK
> >Queued on rotary line group 1.
> >The rotary line group you attempted to access is full.
> >You have therefore been placed in a queue for the next
> >available line in this group.
> >You may exit the queue by terminating the telnet connection
> >You are now position 1 in the queue.
> >
> >and then the router just hangs there. Any ideas?
>
>
>Can you show us your config?
>
>hsb
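
An added example, not part of the original post: a small Python check over the lock-and-key lines of the config above. It flags `access-enable` without the `host` keyword (the temporary entry then follows the dynamic template, here `permit ip any any`, instead of being limited to the authenticated source) and idle timeouts that are missing or not below the ACL's absolute timeout. `SAMPLE` is an excerpt constructed from the posted config; the function and finding names are hypothetical.

```python
import re

# Constructed excerpt: the lock-and-key lines from the config posted above.
SAMPLE = """\
username jas autocommand access-enable timeout 500
interface Serial3/1
  ip access-group 101 in
access-list 101 permit tcp any host 170.10.23.1
access-list 101 dynamic firewall timeout 600 permit ip any any
line vty 0 2
  login local
  autocommand access-enable timeout 5
line vty 3 4
  login local
  rotary 1
"""

DYN = re.compile(r"^access-list (\d+) dynamic (\S+)(?: timeout (\d+))? (permit|deny) (.+)$")
AUTO = re.compile(r"autocommand access-enable( host)?(?: timeout (\d+))?")

def audit(config):
    """Return (context, issue) pairs for lock-and-key settings in an IOS config."""
    lines = config.splitlines()
    dyn = [m for m in (DYN.match(l.strip()) for l in lines) if m]
    # Absolute timeout (minutes) of each dynamic entry; None means no absolute limit.
    absolute = [int(m.group(3)) if m.group(3) else None for m in dyn]
    findings, context = [], "global"
    for line in lines:
        if line and not line[0].isspace():  # unindented line starts a new context
            context = " ".join(line.split()[:2]) if line.startswith("username ") else line.strip()
        m = AUTO.search(line)
        if not m:
            continue
        idle = int(m.group(2)) if m.group(2) else None
        if m.group(1) is None:
            # Without "host" the temporary entry is not tied to the authenticating address.
            findings.append((context, "no-host"))
        for limit in absolute:
            if idle is None and limit is None:
                # Neither timer set: the entry stays until an administrator clears it.
                findings.append((context, "no-timeout"))
            elif idle is not None and limit is not None and idle >= limit:
                # The idle timer can never fire before the absolute one.
                findings.append((context, "idle>=absolute"))
    return findings

if __name__ == "__main__":
    for ctx, issue in audit(SAMPLE):
        print(f"{ctx}: {issue}")
```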


