It works. Just try it in the lab ...
On 6/27/07, Jeff Tantsura <[EMAIL PROTECTED] > wrote: > > Hi, > > It's not going to work, you'd only match on transit traffic, in order to > match on locally generated traffic you should use local PBR ie: > ip local policy route-map BLAH > > Jeff > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:cisco-nsp- > > [EMAIL PROTECTED] On Behalf Of Ozgur Guler > > Sent: woensdag 27 juni 2007 13:55 > > To: Vikas Sharma > > Cc: [email protected] > > Subject: Re: [c-nsp] Prevent traffic originated from the router > > usingaccess-list > > > > You can drop the relevant traffic with a simple policy-map by applying > it > > to > > an outgoing interface ... > > > > R2#sh policy-map > > Policy Map X > > Class x > > drop > > Class class-default > > > > > > On 6/27/07, Vikas Sharma < [EMAIL PROTECTED]> wrote: > > > > > > Hi, > > > > > > How can I stop traffic originated from local router e.g. from loopback > > > interface of router to go any where? > > > > > > I tried with ACL but it permits the traffic as access-list only stop > > > traffic > > > passing through the router not originated from the router. > > > > > > ========= > > > access-list 101 deny ip host 192.168.5.254 any > > > access-list 101 permit any any > > > > > > ip access-group 101 out > > > ========= > > > > > > Using below conf i am able to achieve the objective. In that I have > > > changed > > > the sourse and destination. Thats correct. > > > > > > But I wanted to know can I achieve the same result using sourse as > > > loopback? > > > > > > working conf - > > > =========== > > > access-list 102 deny ip any host 192.168.5.254 > > > access-list 102 permit ip any any > > > > > > ip access-group 102 in > > > ============== > > > > > > > > > > > > THanks > > > Vikas Sharma > > > _______________________________________________ > > > cisco-nsp mailing list [email protected] > > > https://puck.nether.net/mailman/listinfo/cisco-nsp > > > archive at http://puck.nether.net/pipermail/cisco-nsp/ > > > > > _______________________________________________ > > cisco-nsp mailing list [email protected] > > https://puck.nether.net/mailman/listinfo/cisco-nsp > > archive at http://puck.nether.net/pipermail/cisco-nsp/ > > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
