RE: Access-list problem

From: Voss, David (dvoss@heidrick.com)
Date: Wed Feb 12 2003 - 23:35:54 GMT-3

• Next message: CCIE FUN: "Re: HSRP question"
• Previous message: Sanjay W: "Re: It is my turn. CCIE #11071"
• Maybe in reply to: pandoraytchan@hotmail.com: "Access-list problem"
• Next in thread: Peter: "Re: Access-list problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

The access-list will work for any router behind that router.

Even if you initiate a ping from a different interface on that router, it
will still work.

-----Original Message-----
From: pandoraytchan@hotmail.com [mailto:pandoraytchan@hotmail.com]
Sent: Wednesday, February 12, 2003 7:58 PM
To: ccielab@groupstudy.com
Subject: Access-list problem

Hi all,

R1------R2

R1 config

interface Serial0/1
 ip address 131.108.2.2 255.255.255.0
 ip access-group 2 out
 no ip route-cache
 no ip mroute-cache
 clockrate 128000
!
!
access-list 2 deny any log

I found that I can ping the r2 even this access list block all traffic.

Does access-list 2 block "all" traffic which originate from the r1?

Does the access list work like "policy routing", doesn't work on the
packet which originate from the router (unless I use command "local
policy")?

Thanks for any help

Pandora
.
.

• Next message: CCIE FUN: "Re: HSRP question"
• Previous message: Sanjay W: "Re: It is my turn. CCIE #11071"
• Maybe in reply to: pandoraytchan@hotmail.com: "Access-list problem"
• Next in thread: Peter: "Re: Access-list problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:20 GMT-3