[cisco-bba] isolate virtual access interfaces
Tassos Chatzithomaoglou
achatz at forthnet.gr
Thu Jul 6 14:32:34 EDT 2006
Arie Vayner wrote on 6/7/2006 20:33:
> Tassos,
>
> A few ideas:
>
> 1. Configure an ACL in the vtemplate blocking all egress traffic with
> sources from the forbidden range.
>
That seems an easy one.
I still wonder why i didn't think of this one before.
Thanks Arie ;)
--
Tassos
> 2. Configure a route-map for all traffic received over the ppp
> sessions, pointing all the traffic to an upstream firewall (which is
> next-hop of the LNS), and apply a similar policy as (1).
>
> Arie
> CCIE#12198
>
> On 7/6/06, Tassos Chatzithomaoglou <achatz at forthnet.gr> wrote:
>> Is there an easy way of making all the vpdn sessions terminating under
>> a common vtemplate (through
>> l2tp) not to be able to see each other (but continue to have access to
>> everywhere else)?
>>
>> --
>> Tassos
>> _______________________________________________
>> cisco-bba mailing list
>> cisco-bba at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-bba
>>
>
More information about the cisco-bba
mailing list