Page 706

682 Chapter 9: Scenarios for Final Preparation

network 170.1.0.0

!
access-list 102 permit tcp any host 170.1.2.11 eq ftp
access-list 102 permit tcp any host 170.1.2.11 eq www
access-list 102 permit tcp any host 170.1.2.12 eq ftp
access-list 102 permit tcp any host 170.1.2.12 eq www
access-list 102 deny ip any host 170.1.2.11
access-list 102 deny ip any host 170.1.2.12
access-list 102 deny ip 170.1.4.0 0.0.1.255 170.1.6.0 0.0.1.255
access-list 102 permit ip any any

access-list 103 permit tcp any host 170.1.2.11 eq ftp
access-list 103 permit tcp any host 170.1.2.11 eq www
access-list 103 permit tcp any host 170.1.2.12 eq ftp
access-list 103 permit tcp any host 170.1.2.12 eq www
access-list 103 deny ip any host 170.1.2.11
access-list 103 deny ip any host 170.1.2.12
access-list 103 deny ip 170.1.6.0 0.0.1.255 170.1.4.0 0.0.1.255
access-list 103 permit ip any any

access-list 104 permit tcp any host 170.1.2.11 eq ftp
access-list 104 permit tcp any host 170.1.2.11 eq www
access-list 104 permit tcp any host 170.1.2.12 eq ftp
access-list 104 permit tcp any host 170.1.2.12 eq www
access-list 104 deny ip any host 170.1.2.11
access-list 104 deny ip any host 170.1.2.12
access-list 104 permit ip any any

Example 9-16

R2 Configuration

ipx routing 0200.bbbb.bbbb
!
interface serial0
encapsulation frame-relay
interface serial 0.1 point-to-point
ip address 170.1.10.2 255.255.254.0
ipx network 10
frame-relay interface-dlci 301
ipx output-sap-filter 1001
!
interface ethernet 0
ip address 170.1.5.2 255.255.254.0
ipx network 4 encapsulation sap
ipx network 5 encapsulation snap secondary
!
router igrp 1
network 170.1.0.0
!
access-list 1001 deny 103
access-list 1001 permit -1

Example 9-15

R1 Configuration (Continued)

ch09.fm Page 682 Monday, March 20, 2000 5:23 PM