The Denver office needs to control what interesting traffic will
bring up the ISDN connection to the Phoenix office. You will setup
an extended ACL and apply it to the dialer group.
Notes:
Lab Tasks:
Use the configurations from Lab 5.5.5. Log into the Denver
office router and enter global configuration mode.
You must block all broadcast traffic, ICMP traffic, and all FTP
traffic from initiating a call. The commands to setup the
access-list are:
Denver(config)#access-list 100 deny ip any host 255.255.255.255
Denver(config)#access-list 100 deny icmp any any
Denver(config)#access-list 100 deny tcp any any eq ftp
Denver(config)#access-list 100 permit ip any any
The next step will be to apply the access list to the dialer.
The command to do this is:
Denver(config)# dialer-list 1 protocol ip list 100
To test the dialer ACL issue the following command:
Denver# ping phoenix
Record your results below:
To again test the dialer ACL issue the following command:
Denver# telnet phoenix
Record your results below:
Exit from the Phoenix router and issue the following command
to see how many packets have matched the access-list. The
command to view the number of matches to an ACL is:
Denver# show access-list
Record your results below:
The final part of the lab is to issue the following command
while the BRI interface is up: