From: Hung, Sing-Yu (Sing-Yu.Hung@pccw.com)
Date: Sun Dec 15 2002 - 06:37:58 GMT-3
Dear,
I have a tunnal between R3 and R13, can anyone tell me how to deny
gre protocols but ip protocols on R3 e0?
r3#sh run int e0
Building configuration...
Current configuration : 157 bytes
!
interface Ethernet0
ip address 172.16.135.3 255.255.255.240
ip access-group 136 in
ip pim sparse-dense-mode
no ip route-cache
no ip mroute-cache
end
r3#sh run int tu 3
Building configuration...
Current configuration : 122 bytes
!
interface Tunnel3
ip address 192.16.133.3 255.255.255.0
tunnel source 172.16.3.1
tunnel destination 172.16.13.1
end
r3#sl 136
Extended IP access list 136
deny gre any any (63 matches)
permit ip any any (172 matches)
----------------------------------------------------------------------
r13#p 192.16.133.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.16.133.3, timeout is 2 seconds:
!.!.! <--------------------------------" why ? "
Success rate is 60 percent (3/5), round-trip min/avg/max = 16/16/16 ms
r13#p 172.16.3.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms
r13#sh run int e3/1
Building configuration...
Current configuration : 147 bytes
!
interface Ethernet3/1
ip address 172.16.134.13 255.255.255.0
ip pim sparse-dense-mode
no ip route-cache
no ip mroute-cache
half-duplex
end
r13#sh run int tu 3
Building configuration...
Current configuration : 162 bytes
!
interface Tunnel3
ip address 192.16.133.13 255.255.255.0
no ip route-cache
no ip mroute-cache
tunnel source 172.16.13.1
tunnel destination 172.16.3.1
end
Bradford Hung
Pacific Century CyberWorks
Tel: 288 33125
.
This archive was generated by hypermail 2.1.4 : Fri Jan 17 2003 - 17:21:46 GMT-3