From: Brian Dennis (brian@labforge.com)
Date: Sun Feb 16 2003 - 23:45:30 GMT-3
Actually you need this:
access-list 10 deny 10.0.0.0 0.255.255.255
access-list 10 deny 192.168.0.0 0.0.255.255
access-list 10 deny 172.16.0.0 0.15.255.255
access-list 10 permit any
Standard IP access-lists do not have the protocol option.
Brian Dennis, CCIE #2210 (R&S/ISP Dial/Security)
brian@labforge.com
http://www.labforge.com
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Peter
Sent: Sunday, February 16, 2003 5:10 PM
To: ccielab@groupstudy.com
Subject: Re: private network traffic and 3550
You actually need the following ACL:
access-list 10 deny ip 10.0.0.0 0.255.255.255
access-list 10 deny ip 192.168.0.0 0.0.255.255
access-list 10 deny ip 172.16.0.0 0.15.255.255
access-list 10 permit ip any
_____________________________
Peter
#7247 (R&S, Security)
CyscoExpert Corp.
4433 W. Touhy Ave. Suite 410
Lincolnwood, IL 60712
Phone (847) 674-3392
Toll Free (866) CyscoXP (297-2697)
Fax (847) 674-2625
----- Original Message -----
From: "pita40" <pita40@hotmail.com>
To: <ccielab@groupstudy.com>
Sent: Sunday, February 16, 2003 11:48 AM
Subject: private network traffic and 3550
> I have a question from one of the commercial labs with no answer
provided.
The
> question is
>
> configure cat1 to deny traffic from private networks defined by RFC
1918
on
> Vlan 46.
>
> I am out of ideas on how to solve this question. I thought of
switchport
> protected command, but it seems that is not the answer
>
>
> Help.
>
> P
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:25 GMT-3