From: ISolveSystems (support@isolvesystems.com)
Date: Tue Jun 24 2008 - 12:23:38 ART
I change it to .6. Same result.
On Tue, Jun 24, 2008 at 10:01 AM, Tyson Scott <tscott@ipexpert.com> wrote:
> Well,
> You would want to do .5 and .6 not .4 and .5
>
> deny ospf host 1.1.1.1 host 1.1.1.2
> deny ospf host 1.1.1.1 host 224.0.0.5
> deny ospf host 1.1.1.1 host 224.0.0.6
>
> if that still doesn't work only add the network statement that you
> want OSPF running on and then redistribute the route for the
> interfaces you don't want it running on.
>
>
>
> On Tue, Jun 24, 2008 at 10:23 AM, ISolveSystems
> <support@isolvesystems.com> wrote:
> > Hello Expert,
> > I am trying to deny OSPF from forming relationship between ASAs. I tried
> > the following without success. 1.1.1.1 is the neighbor IP address.
> > 1.1.1.2is the local interface IP.
> >
> > access-list DMZ-IN extended deny ospf host 1.1.1.1 host 1.1.1.2
> > access-list DMZ-IN extended deny ospf host 1.1.1.1 host 224.0.0.5
> > access-list DMZ-IN extended deny ospf host 1.1.1.1 host 224.0.0.4
> > access-list DMZ-IN extended deny ip host 1.1.1.1 host 224.0.0.5
> > access-list DMZ-IN extended deny ip host 1.1.1.1 host 224.0.0.4
> >
> > Any idea?
> >
> > Thanks.
> >
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
>
>
>
> --
> Tyson Scott - CCIE #13513 R&S and Security
> Technical Instructor - IPexpert, Inc.
>
> Telephone: +1.810.326.1444
> Fax: +1.810.454.0130
> Mailto: tscott@ipexpert.com
This archive was generated by hypermail 2.1.4 : Tue Jul 01 2008 - 06:23:23 ART