Hi Saku,
I forgot to mention that the question said to limit telnet access to
loopback of two routers without using Access lists so i can see your answer
makes sense but what do you mean by MPLS LSR ?
Thanks,
Joost
On Fri, Aug 1, 2008 at 5:04 PM, Saku Ytti
[EMAIL PROTECTED][EMAIL PROTECTED]
On (2008-08-11 11:13 +0300), Joost greene wrote:
I forgot to mention that the question said to limit telnet access to
loopback of two routers without using Access lists so i can see your answer
makes sense but what do you mean by MPLS LSR ?
LSR = Label Switch(ing) Router. Essentially it's
Ok, i thought this is a feature i dont know about :)
I guess the answer would be PBR with prefix-list.
Thank you all.
On Mon, Aug 11, 2008 at 11:21 AM, Saku Ytti
[EMAIL PROTECTED][EMAIL PROTECTED]
wrote:
On (2008-08-11 11:13 +0300), Joost greene wrote:
I forgot to mention that the
On (2008-08-11 11:36 +0300), Joost greene wrote:
Ok, i thought this is a feature i dont know about :)
I guess the answer would be PBR with prefix-list.
Although question was protocol specific which makes
it hard to satisfy without ACLs. You could imagine
that the box may be offering NTP, DNS
Saku Ytti wrote:
Although question was protocol specific which makes
it hard to satisfy without ACLs. You could imagine
that the box may be offering NTP, DNS or TFTP to the
network which should continue to work.
you could potentially do it using CoPP policy with a CoPP policy for the
On (2008-08-11 20:30 +1000), Lincoln Dale wrote:
you could potentially do it using CoPP policy with a CoPP policy for the
address(es) you wish, 0bps configured for other rates.
OP was about doing it w/o ACL, CoPP would violate that rule.
if its just telnet, then certainly an
ACL restriction might not rule out the prefix-list option.
So i would go for the prefix list + route-map solution.
--- On Fri, 1/8/08, Joost greene [EMAIL PROTECTED] wrote:
From: Joost greene [EMAIL PROTECTED]
Subject: [c-nsp] Filtering telnet without ACL
To: cisco-nsp@puck.nether.net
Date
I think if I loosen the definition of telnet I can win here.
no transport input telnet on the VTYs.
Then connect your console/aux into your terminal server / DCN and access
it via telnet.
Dave.
Joost greene wrote:
Hello,
Someone challenged me with a question on how i can filter telnet
Saku Ytti wrote:
I assume challenge was set, because asker knows how to do it.
Or the asker didn't know how to do it and it cost him some time and a
few points, somewhere, in some lab...
--
Jay Hennigan - CCIE #7880 - Network Engineering - [EMAIL PROTECTED]
Impulse Internet Service -
Hello,
Someone challenged me with a question on how i can filter telnet access to
one router from all hosts except two of them WITHOUT using access-lists or
access-line under the VTY? any ideas?
Regards,
Joost
___
cisco-nsp mailing list
On Fri, 01 Aug 2008, Joost greene wrote:
Hello,
Someone challenged me with a question on how i can filter telnet access to
one router from all hosts except two of them WITHOUT using access-lists or
access-line under the VTY? any ideas?
Regards,
Joost
On (2008-08-01 15:14 +0200), Joost greene wrote:
Hey,
Someone challenged me with a question on how i can filter telnet access to
one router from all hosts except two of them WITHOUT using access-lists or
access-line under the VTY? any ideas?
I assume challenge was set, because asker knows
On Fri, August 1, 2008 4:14 pm, Joost greene wrote:
Hello,
Someone challenged me with a question on how i can filter telnet access to
one router from all hosts except two of them WITHOUT using access-lists or
access-line under the VTY? any ideas?
Regards,
Joost
:)
- Original Message -
From: Iassen Anadoliev [EMAIL PROTECTED]
To: Joost greene [EMAIL PROTECTED]
Cc: cisco-nsp@puck.nether.net
Sent: Saturday, August 02, 2008 12:08 AM
Subject: Re: [c-nsp] Filtering telnet without ACL
On Fri, August 1, 2008 4:14 pm, Joost greene wrote:
Hello
:)
- Original Message -
From: Iassen Anadoliev [EMAIL PROTECTED]
To: Joost greene [EMAIL PROTECTED]
Cc: cisco-nsp@puck.nether.net
Sent: Saturday, August 02, 2008 12:08 AM
Subject: Re: [c-nsp] Filtering telnet without ACL
On Fri, August 1, 2008 4:14 pm, Joost greene wrote:
Hello
15 matches
Mail list logo