You'll need to permit more than just the one thing... The first hex
number is the values for the SAP (DSAP/SSAP) field. The second hex
number is a mask for it. Think in binary...
That example (all over CCO) is WAY too broad, particularly for
Ethernet-only environments. But the details of this have been discussed
many times here on groupstudy, so I'd suggest looking through the
archives so I don't sound nearly as long-winded as I typically do on
this subject. :)
Enjoy!
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713,
CISSP, JNCIS, et al.
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
swm@xxxxxxxxxx/smorris@xxxxxxxxxxxx
http://www.ipexpert.net
-----Original Message-----
From: nobody@xxxxxxxxxxxxxx [mailto:nobody@xxxxxxxxxxxxxx] On Behalf Of
Wei Zou (wzou)
Sent: Sunday, November 23, 2003 9:31 AM
To: ccielab@xxxxxxxxxxxxxx
Subject: SNA SAP Filter
Hi :
Could anyone tell me why the syntax to permit all SNA SAP is:
access-list 200 permit 0x0000 0x0D0D
access-list 200 deny 0x0000 0xFFFF
Other than:
access-list 200 permit 0x0D0D 0x0000
access-list 200 deny 0x0000 0xFFFF
I belive 0x0D0D is for SNA SAP.
Thanks
Wei
_______________________________________________________________________
Please help support GroupStudy by purchasing your study materials from:
http://shop.groupstudy.com
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
