- A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
RE: SNA SAP Filter posted 11/23/2003
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]

You'll need to permit more than just the one thing...  The first hex
number is the values for the SAP (DSAP/SSAP) field.  The second hex
number is a mask for it.  Think in binary...

That example (all over CCO) is WAY too broad, particularly for
Ethernet-only environments.  But the details of this have been discussed
many times here on groupstudy, so I'd suggest looking through the
archives so I don't sound nearly as long-winded as I typically do on
this subject. :)


Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713,
CISSP, JNCIS, et al.
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor

-----Original Message-----
From: nobody@xxxxxxxxxxxxxx [mailto:nobody@xxxxxxxxxxxxxx] On Behalf Of
Wei Zou (wzou)
Sent: Sunday, November 23, 2003 9:31 AM
To: ccielab@xxxxxxxxxxxxxx
Subject: SNA SAP Filter

Hi :
Could anyone tell me why the syntax to permit all SNA SAP is:

access-list 200 permit 0x0000 0x0D0D
access-list 200 deny   0x0000 0xFFFF

Other than:
access-list 200 permit 0x0D0D 0x0000
access-list 200 deny   0x0000 0xFFFF

I belive 0x0D0D is for SNA SAP.


Please help support GroupStudy by purchasing your study materials from:

Subscription information may be found at: