[c-nsp] IP Access-group question
Rodney Dunn
rodunn at cisco.com
Wed Oct 25 11:34:25 EDT 2006
It's been that way since day one of IOS.
Rodney
On Wed, Oct 25, 2006 at 09:21:44AM -0400, Thanh_Mai at 3com.com wrote:
>
>
>
>
> Is there a special reason why applying an extended access-list out an
> ethernet interface to "deny ip any any"does not deny traffic originated
> from that router(that interface or any other interface as in an ping
> sourced from another local interface. But it does deny traffic passing
> through the router out that interface as it should. I'm puzzled by this
> phenomenon. I must have slept through reading this special case or
> something. Can anyone shed some light into this for me?
> Thanks.
> -Thanh
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list