From: Earl Aboytes (earl@xxxxxxxxxxxx)
Date: Wed Apr 26 2000 - 10:19:22 GMT-3
Somebody correct me if I'm wrong, but if you block a zone, you also
block the associated cable range?
Earl
At 02:06 PM 4/25/00 -0400, John Conzone wrote:
Okay you Appletalk guys, help me out. This may be a stupid
question, but as a wise man once said, there is no such thing as
stupid questions, just stupid people!
In the CCIE All in One guide, page 850, it goes over using a
Appletalk data packet filter.
Here's what it lookslike:
appletalk access list 600:
deny zone TopSecret
permit additonal zones
permit other access
This is applied to a tunnel interface outbound on the router.
Now it says if you do a ping to 410.9 (E0) to that router from
another it will fail. Haven't tried it yet but I'll take his word
for it.
What confuses me is that there is a primary zone, and another
secondary zone defined on the same interface as the denied zone,
within the same cable range. So if the cable range is 400-499, and
the interface is 410.9, and there are three zones assigned to this
cable-range, why would denying just one zone block the ping?
Hopefully some of you guys have the book cause I probably
didn't give enough info, but help out a Appletalk challenged
brother if you can!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Earl Aboytes
Senior Technical Consultant
GTE-Managed Solutions
800-483-5325 x8817
earl.aboytes@telops.gte.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:15 GMT-3