I am not able get your question. With regards Kings
On Sun, Jun 24, 2012 at 2:19 PM, waleed ' <[email protected]> wrote: > so if we make cbac policy and configured to affect router traffic , and > applied it inbound on the interface it will not affect the traffic sourced > from the loopback (if we do not use PBR) right ? because it is not affected > by the acl ? > regards > > ------------------------------ > Date: Sun, 24 Jun 2012 13:26:02 +0530 > > Subject: Re: [OSL | CCIE_Security] outbound ACL > From: [email protected] > To: [email protected] > CC: [email protected] > > With PBR, it is routed from the loopback interface to the egress interface > hence acl with process the traffic. > > But, if you ping sourced from loopback, it still considered as router self > generated traffic > > With regards > Kings > > On Sun, Jun 24, 2012 at 1:02 PM, waleed ' <[email protected]> wrote: > > why to use PBR , there is no difference if I sourced my traffic from > loopback : > > > R1-------R2 > > > > R1: f0/0 10.0.0.1 lo0 1.1.1.1 > R2: f0/0 10.0.0.2 lo0 2.2.2.2 > > > and there is outbound access-list on R2: f0/0 and if I use access-list > 120 deny ip any any as outbound on R2 f0/0 , I can ping from the R2 to R1 > using lo0 as source . so can you please clarify the work of PBR here ? > > regards > > ------------------------------ > Date: Sun, 24 Jun 2012 12:57:45 +0530 > Subject: Re: [OSL | CCIE_Security] outbound ACL > From: [email protected] > To: [email protected] > CC: [email protected] > > > Use local PBR and a loopback intf should do the trick. > > With regards > Kings > > On Sun, Jun 24, 2012 at 12:41 PM, waleed ' <[email protected]> wrote: > > is there way to make interface outbound access-list affect router > traffic ? > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
