From: Gustavo Novais (gustavo.novais@novabase.pt)
Date: Fri Dec 09 2005 - 16:57:24 GMT-3
Hello
The question states
Configure SW1 and SW2 to only allow IPv4 traffic and necessary layer 2 traffic
to vlan 56.
Use a named ACL called IPONLY to accomplish this.
Reading this, I thought on building a extended MAC access-list matching
ethertypes 0x800 (IP), 0x806 (ARP), and 0x4242 (STP - had to research that
one).
I called this mac-access list IPONLY. Then I applied the vlan access-map (with
ACL applied) to vlan 56.
The author's solution was similar, but instead of matching everything on the
MAC ACL, they did a extended ACL called IPONLY, on which they permitted ip any
any. The L2 protocols were matched by another mac ACL called something else.
My question is: on the lab would both be correct? Or is matching the IP
ethertype a less accurate solution?
Thanks
Gustavo Novais
Network Engineer AAN - All Area Networks
Cisco CCNP, CQS-Wireless.
.............................................................................
.........
Novabase IIS - Infraestruturas e Integragco de Sistemas Informaticos, SA
Av. Do Forte n: 6, 2790-072 Carnaxide
Tel. 21 425 80 00 Fax 21 425 80 99
Mob. 913496569
Email: gustavo.novais@novabase.pt
<BLOCKED::blocked::mailto:gustavo.novais@novabase.pt>
www.novabase.pt
<BLOCKED::blocked::file:///C:/Documents%20and%20Settings/nb12444.NOVABASE/App
lication%20Data/Microsoft/Signatures/www.novabase.pt>
This archive was generated by hypermail 2.1.4 : Mon Jan 09 2006 - 07:07:50 GMT-3