Working through a Security practice lab and I'm drawing a blank on this one.
* enable access control on R4 to allow management access via the R4 gi0/1
interface only
* management traffic to any other interfaces should be dropped
* do not use interface access control list to achieve this task
* do not use vty ACL to achieve this task
R4 gi0/1 has a single host behind it (R3), which has a 0/0 route pointing to
R4. So far, the only thing I'm coming up with is PBR to null route any
traffic to interface IP's other than gi0/1, but without testing I'm not sure
that will work to router-local traffic.
B*
-- Brian C Landers http://www.packetslave.com/ CCIE #23115 Blogs and organic groups at http://www.ccie.netReceived on Tue Jul 06 2010 - 06:00:53 ART
This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 19:19:15 ART