I have this topology
r1 ---R2 --- r3
R2 is bridging E0/0[to R1] and E0/1[to R3]. I am using IRB. with
"Bridge 1 route ip". I assign the BVI with an Ip address from the
same subnet as R1 and R3. now. i configure CBAC and put it in inbound
on E0/0 [R2] and an accesslist denying ICMP, IP, on E0/1 R2.
unfortunately there are no hits on the ACL. and CBAC isn't inspecting
the ICMP inbound on R2's E0/0. Is it a requirement for them to RUN
dot1q encapsulation for l2firewall to work? . the connections in my
diagram, there's no switches involved. hence no trunking?
-- Sent from Karnataka, India John Blake - "The world tolerates conceit from those who are successful, but not from anybody else." - http://www.quotationspage.com/quote/26825.html Blogs and organic groups at http://www.ccie.netReceived on Wed Oct 28 2009 - 00:21:34 ART
This archive was generated by hypermail 2.2.0 : Sun Nov 01 2009 - 07:51:01 ART