Re: Deny traffic from router itself

From: victor.oporto@empresas.telefonica.es
Date: Fri Jan 27 2006 - 07:03:06 GMT-3

• Next message: Ivan: "Re: show commands to verify BPDU"
• Previous message: Henk de Tombe: "FW: 7200 router emulator"
• Maybe in reply to: Popgeorgiev Nikolay: "Deny traffic from router itself"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

        In Cisco 12000, 7500 and 10720 youu can use ip receive acl.

 
http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a00805e9255.html

        Victor.
 

Ramiro Garza <ccie15xxx@gmail.com>

Enviado por: nobody@groupstudy.com
26/01/2006 22:50
Por favor, responda a Ramiro Garza

 
        Para: Geert Nijs <geert.nijs@simac.be>
        cc: Nick <seajay76@nate.com>, ccielab@groupstudy.com
        Asunto: Re: Deny traffic from router itself

Nick specified no route-maps should be used.

On 1/25/06, Geert Nijs <geert.nijs@simac.be> wrote:
>
> You can influence packets generated by the router itself using
>
> ip local policy route-map
>
>
> see
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/
> fiprrp_r/ind_r/1rfindp1.htm#wp1017871
>
>
>
> Try to redirect some traffic to Null interface, will drop , prevent,
> these packets
>
>
> Geert
> CCIE #13729
>
> -----Oorspronkelijk bericht-----
> Van: nobody@groupstudy.com [mailto:nobody@groupstudy.com] Namens Nick
> Verzonden: vrijdag 20 januari 2006 15:08
> Aan: ccielab@groupstudy.com
> Onderwerp: Re: Deny traffic from router itself
>
>
> Hi!
>
> I'm afraid there is no way to filter the packets the router itself
> generates.
>
> Refer to the following;
>
> "Access lists filter only traffic going through the router. They do not
> filter traffic originating from the router."
> (ICND v2.1(Official Course Book) P.4-27)
>
> HTH
>
> Nick
>
> ----- Original Message -----
> From: "Gustavo Novais" <gustavo.novais@novabase.pt>
> To: "Popgeorgiev Nikolay" <nikolay.popgeorgiev@siemens.com>;
> <ccielab@groupstudy.com>
> Sent: Friday, January 20, 2006 10:40 PM
> Subject: RE: Deny traffic from router itself
>
>
> > You can try an access-class out, on the line vty's. that will limit
> > the destinations to where you may telnet.
> >
> > Gustavo Novais
> >
> >
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> > Of Popgeorgiev Nikolay
> > Sent: sexta-feira, 20 de Janeiro de 2006 12:59
> > To: ccielab@groupstudy.com
> > Subject: Deny traffic from router itself
> >
> > Hello people,
> >
> > I have a question is it possible with a ACL to deny packets from a
> > router itself.For example I want to stop a user connected to the
> > router from making telnet to another router ? But not with transport
> > output command on the line interface, and without a route-map
> >
> >
> > thanks !
> >
> > best,
> > Nick
> >
> > ______________________________________________________________________
> > _
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> > ______________________________________________________________________
> > _
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
#############################################################################
########
> Simac N.V. trades under the commercial name Simac ICT Belgium.
> This e-mail and any attached files are confidential and may be legally
> privileged.
> If you are not the addressee, any disclosure, reproduction, copying,
> distribution,
> or other dissemination or use of this communication is strictly
> prohibited.
> If you have received this transmission in error please notify Simac
> immediately
> and then delete this e-mail.
>
> Simac has taken all reasonable precautions to avoid virusses in this
> email.
> Simac does not accept liability for damage by virusses, for the correct
> and complete
> transmission of the information, nor for any delay or interruption of
the
> transmission,
> nor for damages arising from the use of or reliance on the information.
>
> All e-mail messages addressed to, received or sent by Simac or Simac
> employees
> are deemed to be professional in nature. Accordingly, the sender or
> recipient of
> these messages agrees that they may be read by other Simac employees
than
> the official
> recipient or sender in order to ensure the continuity of work-related
> activities
> and allow supervision thereof.
>
>
#############################################################################
########
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Ivan: "Re: show commands to verify BPDU"
• Previous message: Henk de Tombe: "FW: 7200 router emulator"
• Maybe in reply to: Popgeorgiev Nikolay: "Deny traffic from router itself"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Feb 01 2006 - 07:45:50 GMT-3