RE: Help me DLSW+

From: Scott Morris (swm@emanon.com)
Date: Sat Jan 17 2004 - 22:10:38 GMT-3

Next message: William Chen: "Re: DLSW & Dial Backup"
Previous message: C.Sammarcellino@sirtisistemi.it: "Help me DLSW+"
Maybe in reply to: C.Sammarcellino@sirtisistemi.it: "Help me DLSW+"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

The ACL would actually block that access from going out, while the
icannotreach would prevent it from being asked/tried (coming in). Would the
end effect be the same?

One little note though to think about... You use a SAP value of C (decimal
12), but in your ACL 201, you use a value of 12. The "0x" part in that same
ACL denotes a hexadecimal number. So which is it supposed to be? A decimal
value of 12 (hex "C") or a hex value of 12? Either way, one of your
notations would be wrong.

So think about asking questions and clearing up any confusion there!

Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, CISSP,
JNCIS, et al.
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
swm@emanon.com/smorris@ipexpert.net
http://www.ipexpert.net

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
C.Sammarcellino@sirtisistemi.it
Sent: Saturday, January 17, 2004 6:18 PM
To: ccielab@groupstudy.com
Subject: Help me DLSW+

The questions is Block on r1 user from accessing a SAP witch value of 12, i
have found two possible solution what is the best ?

First
----------------------------------------------------------------------------
----------------------------------------------------------------------------

---

++++++++++++++ R1 ++++++++++++++++++++++++++++ ! dlsw local-peer peer-id 200.0.0.1 dlsw remote-peer 0 tcp 200.0.0.8 lsap-output-list 200 dlsw bridge-group 1 ! interface Loopback0 ip address 200.0.0.1 255.255.255.255 ! access-list 200 deny 0x1212 0x0000 access-list 200 permit 0x0000 0xFFFF

++++++++++++++ R8 ++++++++++++++++++++++++++++ ! dlsw local-peer peer-id 200.0.0.8 dlsw remote-peer 0 tcp 200.0.0.1 dlsw bridge-group 1 ! interface Loopback0 ip address 200.0.0.8 255.255.255.255 !

Second ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- ---

++++++++++++++ R1 ++++++++++++++++++++++++++++

! dlsw local-peer peer-id 200.0.0.1 dlsw remote-peer 0 tcp 200.0.0.8 dlsw icannotreach sap C dlsw bridge-group 1 !

++++++++++++++ R8 ++++++++++++++++++++++++++++ ! dlsw local-peer peer-id 200.0.0.8 dlsw remote-peer 0 tcp 200.0.0.1 dlsw bridge-group 1 !

Tanks Ciro

Next message: William Chen: "Re: DLSW & Dial Backup"
Previous message: C.Sammarcellino@sirtisistemi.it: "Help me DLSW+"
Maybe in reply to: C.Sammarcellino@sirtisistemi.it: "Help me DLSW+"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Feb 02 2004 - 09:07:47 GMT-3