[c-nsp] L2TPv3 and Filtering
Jeffrey Ollie
jeff at ocjtech.us
Tue Apr 8 13:49:35 EDT 2008
On Tue, Apr 8, 2008 at 12:44 PM, Bernd Ueberbacher <noc at mynet.at> wrote:
>
> I asked almost the same question some time ago and got this answer:
>
> > > Is it possible to interfere the L2TP traffic with access-lists?
> >
> > No. Not on the access side.
>
> A bit later I got the explanation:
>
> "AFAIK no. The features applied on ingress are not evaluated on
> L3 info. We simply encapsulate the raw L2 frame and ship it over."
Hmm... shoot. Too bad the 3750s (non-E) that these routers plug into
can't do outbound access lists and the input access lists that I tried
on the switches seemed to affect ports other than the one that it was
configured on. Is there any other way to do the L2 tunneling? MPLS
maybe? I know nothing about MPLS and we don't run it currently.
Jeff
More information about the cisco-nsp
mailing list