RE: [cisco-ttl] access list hakkında

From: Serhat Erkan (serkan_at_oytek.com.tr)
Date: Wed Aug 11 2004 - 06:10:58 GMT

  • Next message: İsmail: "[cisco-ttl] codec problemi"

    Eğer standart MS terminal server ise TCP 3389'a access list uygulamak gerekiyor. Onun haricinde access-list'ün sonunda "implicit deny" vardır. Yani diğer trafiğe izin vermek için en alta permit any any koyman gerekmez mi?
     
    Mesela aşağıdaki gibi olmalı
     
     
    Yonlendirici#sh ip access-lists
    Extended IP access list 109
        deny eigrp any any (7795 matches)
        deny ip any host 224.0.0.9
        deny ip any host 224.0.1.41
        permit ip any any (300228 matches)
     
     
    Serhat ERKAN

    serkan_at_oytek.com.tr <blocked::mailto:serkan_at_oytek.com.tr>
    www.oytek.com.tr <blocked::http://www.oytek.com.tr/>
     

      _____

    From: Barış [mailto:baris_at_k2b.com.tr]
    Sent: Wednesday, August 11, 2004 8:53 AM
    To: cisco-ttl_at_yahoogroups.com
    Subject: RE: [cisco-ttl] access list hakkında

     
     
    3189 terminal server portu fakat bunu listi uygulayınca bütün trafik kesiliyor.Hata nerde acaba
    -----Original Message-----
    From: Serhat Uslay [mailto:serhat.uslay_at_zurich.com.au]
    Sent: Wednesday, August 11, 2004 2:31 AM
    To: cisco-ttl_at_yahoogroups.com
    Subject: Re: [cisco-ttl] access list hakkında
     

    Baris,
    Bu trafik (3189) nereden geliyorsa onun ilk karsilastigi interface ustunde ACL i yazman iyi bir pratiktir..
    Eger senin LAN'inden serial'a gidiyorsa eth portune,
    eger serial dan iceriye geliyorsa serial portuna uygulaman lazim.
    3189 ne ? Pinaccle Systems ??

    Serhat
    Please respond to cisco-ttl_at_yahoogroups.com
    To: <cisco-ttl_at_yahoogroups.com>
    cc:
    Subject: [cisco-ttl] access list hakkında

      

    İlk önce herkese iyi çalışmalar.Yapmak istediğim routerin 3189 numaralı port isteklerini geçirmemesi.

    Router#ship access-lists

    ExtendedIP accesslist100

        denyip 192.168.10.0 0.0.0.255 any

    ExtendedIP accesslist101

        denytcpanyanyeq3189

    şöyle bir Access-listoluşturdum.Bunu ethportuna'mıuygulamam gerekiyor yoksa serialportunamı.192.168.10.0 networkundengelen istekler geçmeyecek.Teşekkürler.

      

    Eth0:192.168.10.1

    Serial0 :192.168.11.5

     Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    Yahoo! Groups Sponsor
    ADVERTISEMENT
    click here <http://us.ard.yahoo.com/SIG=1295cp9pm/M=298184.5285298.6392945.3001176/D=groups/S=1705004726:HM/EXP=1092231554/A=2164330/R=0/SIG=11eamf8g4/*http:/www.netflix.com/Default?mqso=60183350>
    [IMAGE]
     
      _____

    Yahoo! Groups Links
    * To visit your group on the web, go to:
    * http://groups.yahoo.com/group/cisco-ttl/ <http://groups.yahoo.com/group/cisco-ttl/>
    *
    * To unsubscribe from this group, send an email to:
    * cisco-ttl-unsubscribe_at_yahoogroups.com <mailto:cisco-ttl-unsubscribe_at_yahoogroups.com?subject=Unsubscribe>
    *
    * Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service <http://docs.yahoo.com/info/terms/> .

    ------------------------------------------------------------------------ This email is intended for the named recipient only. The information contained in this message may be confidential, or commercially sensitive. If you are not the intended recipient you must not reproduce or distribute any part of the email, disclose its contents to any other party, or take any action in reliance on it. If you have received this email in error, please contact the sender immediately. Please delete this message from your computer. ------------------------------------------------------------------------

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    Yahoo! Groups Sponsor
    ADVERTISEMENT
    click here <http://us.ard.yahoo.com/SIG=1293dj7gd/M=298184.5285298.6392945.3001176/D=groups/S=1705004726:HM/EXP=1092293629/A=2164330/R=0/SIG=11eamf8g4/*http://www.netflix.com/Default?mqso=60183350>
     <http://us.adserver.yahoo.com/l?M=298184.5285298.6392945.3001176/D=groups/S=:HM/A=2164330/rand=807199518>

      _____

    Yahoo! Groups Links

    * To visit your group on the web, go to:
            http://groups.yahoo.com/group/cisco-ttl/
              
    * To unsubscribe from this group, send an email to:
            cisco-ttl-unsubscribe_at_yahoogroups.com <mailto:cisco-ttl-unsubscribe_at_yahoogroups.com?subject=Unsubscribe>
              
    * Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service <http://docs.yahoo.com/info/terms/> .

    ____________________________________________________________________________________________________________________________
    Bu e-mail'in tüm icerigi gönderenin kisisel tasarrufu ile olusturulmus ve gönderilmistir. Oyak Teknoloji Bilisim ve Kart Hizmetleri A.S. bu e-mail icerigi hakkinda sorumluluk kabul etmez.

    This e-mail has been sent by the sender under his/her own individual discreation. Oyak Teknoloji Bilisim ve Kart Hizmetleri A.S. accepts no responsibility.



    This archive was generated by hypermail 2.1.5 : Wed Aug 11 2004 - 09:08:49 GMT