Hello Kings, I was thinking that we could define fields in the access-control class-map directly ( without using the stack-control class ). However after going through some docs, i understand that once the PHDF's are loaded, it is a must to create a base STACK class before using the access-control stack.
Here's my config and it works now class-map type stack match-all stack match field layer 1 IP protocol eq 6 next TCP exit class-map type access-control match-all access match field TCP dest-port eq 23 exit policy-map type access-control access class access drop exit policy-map type access-control stack class stack service-policy access exit int fa 0/0 service-policy type access-control input stack I think in my previous config, the FPM engine was looking into some other field and hence the confusion. Thanks, TacACK
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
