[f-nsp] access-lists on ve Interfaces
Ryan DeBerry
rdeberry at gmail.com
Sun May 27 08:37:48 EDT 2007
what code are you running?
On 5/27/07, Daniel <daniel at ipv6-network.de> wrote:
>
> Guten Tag Daniel,
>
> am Samstag, 26. Mai 2007 um 12:06 schrieben Sie:
>
> > Hi all,
>
> > is there any way to access-lists on a ve interface?
> > I used following setting to do this:
>
> > !
> > access-list 102 deny icmp any any administratively-prohibited
> > access-list 102 permit ip any any
> > !
> > interface ve 305
> > ip address 192.168.0.1/24
> > ip access-group ve-traffic
> > ip access-group 102 in
> > ip access-group 102 out
> > !
>
> > This is only a test access-list which deny icmp
> > The access-list dont work on ve interfaces.
>
>
> i found the solution. After u modify a access-list u need to appley
> it "ip rebind-acl all/number/name" in conf t mode.
> Then everythink works fine.
>
>
> --
> Mit freundlichen Grüßen
> Daniel
> mailto:daniel at ipv6-network.de
>
>
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20070527/f0229249/attachment.html>
More information about the foundry-nsp
mailing list