[cisco-bba] isolate virtual access interfaces

Arie Vayner ariev at vayner.net
Thu Jul 6 13:33:42 EDT 2006


Tassos,

A few ideas:

1. Configure an ACL in the vtemplate blocking all egress traffic with
sources from the forbidden range.

2. Configure a route-map for all traffic received over the ppp
sessions, pointing all the traffic to an upstream firewall (which is
next-hop of the LNS), and apply a similar policy as (1).

Arie
CCIE#12198

On 7/6/06, Tassos Chatzithomaoglou <achatz at forthnet.gr> wrote:
> Is there an easy way of making all the vpdn sessions terminating under a common vtemplate (through
> l2tp) not to be able to see each other (but continue to have access to everywhere else)?
>
> --
> Tassos
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
>


More information about the cisco-bba mailing list