GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
RE: DLSW NB name filtering posted 01/10/2001
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Hi,

I think that your access list is not working because when you say "deny
CHUCK1200" and " dlsw ... host-netbios-out nbnames", in fact you deny the
destination not the source netbios-name.

-----Original Message-----
From: Chuck Church [mailto:cchurch@xxxxxxxxxxxx]
Sent: Wednesday, January 10, 2001 3:28 AM
To: 'Ronnie Royston'; CCIE Lab group (E-mail)
Subject: RE: DLSW NB name filtering


Sorry I wasn't totally clear on the DLSW config.  These are all my important
DLSW lines:

netbios access-list host nbnames deny CHUCK1200
netbios access-list host nbnames permit *
!
dlsw local-peer peer-id 192.168.11.1
dlsw remote-peer 0 tcp 192.168.101.1 host-netbios-out nbnames
dlsw bridge-group 1

The CHUCK1200 device is hanging off of this routers' e0 interface, which is
in bridge group 1.  I also tried CHUCK* on the deny line, and got the same
result.

Chuck Church
CCNP, CCDP, MCNE, MCSE
Sr. Network Engineer
Magnacom Technologies
140 N. Rt. 303
Valley Cottage, NY 10989
845-267-4000 x218



-----Original Message-----
From: Ronnie Royston [mailto:RonnieR@xxxxxxxxxxxxxxxxx]
Sent: Tuesday, January 09, 2001 4:46 PM
To: 'Chuck Church'; CCIE Lab group (E-mail)
Subject: RE: DLSW NB name filtering


Is this what you have?

netbios access-list host FILTER_1 deny STATION1
netbios access-list host FILTER_1 permit *
!
dlsw local-peer peer-id 30.3.3.3
dlsw remote-peer 0 tcp 1.1.1.1 host-netbios-out FILTER_1

-----Original Message-----
From: Chuck Church [mailto:cchurch@xxxxxxxxxxxx]
Sent: Tuesday, January 09, 2001 12:34 PM
To: CCIE Lab group (E-mail)
Subject: DLSW NB name filtering


All,

      I'm trying to filter out netbios names before they get to my DLSW
peer.  Network looks like:

(CHUCK1200 laptop)--ethernet--routerC----serial HDLC--routerA--ethernet
                               DLSW-------------------DLSW

 My NB name ACLs on router C are:

netbios access-list host nbnames deny CHUCK1200
netbios access-list host nbnames permit *

If I use it like this, CHUCK1200 gets though to the other peer.  If I remove
the 'permit *' line, the device gets blocked, either because of the first
line, or by an implicit deny (I'm not sure if these NB ACLs have an implicit
deny).  Any ideas?

Thanks,

Chuck Church
CCNP, CCDP, MCNE, MCSE
Sr. Network Engineer
Magnacom Technologies
140 N. Rt. 303
Valley Cottage, NY 10989
845-267-4000 x218


_______________________________________________________
To unsubscribe from the CCIELAB list, send a message to
majordomo@xxxxxxxxxxxxxx with the body containing:
unsubscribe ccielab

_______________________________________________________
To unsubscribe from the CCIELAB list, send a message to
majordomo@xxxxxxxxxxxxxx with the body containing:
unsubscribe ccielab

_______________________________________________________
To unsubscribe from the CCIELAB list, send a message to
majordomo@xxxxxxxxxxxxxx with the body containing:
unsubscribe ccielab