[nsp] access-class XX in vrf-also
p.gaspar at mobilkom.at
p.gaspar at mobilkom.at
Tue Jan 27 09:52:32 EST 2004
Hello,
has anyone of you guys seen documentation to the following command in vty
configuration?
access-class 99 in vrf-also
The behavior of it is somehow strange.
1. if no access class is configured on vty, all connections (also from all
VRFs) are allowed
2. if "access-class 99 in" is configured, _ALL_ telnet attemts
_comming_from_VRF_ interfaces are blocked, even if the ip address of the
telneting host is permited in access-list. The telnet requests comming from
non-VRF interfaces are processed according to the access-list configured
3. if "access-class 99 in vrf-also" is configured, telnet requests from VRF
interfaces are processed according to access-list aswel are the non-VRF
requests.
The question is: Do we understand the behavior of this command right? Is
there a way how to configure separate access-class for each VRF?
thanks
Peter
Mag. Peter Gaspar
Mobile Core Networks
mobilkom austria AG & Co KG
Obere Donaustraße 29; A-1020 Wien
Tel.: +43 - (0)1 - 331 61 6255
Mobil: +43 - (0)664 - 331 6255
Fax: +43 - (0)1 - 331 97911 6255
e-mail: p.gaspar at mobilkom.at
http://www.mobilkom.at/
More information about the cisco-nsp
mailing list