implementation is not always the best, or preferred, method of defining interesting traffic.
access list can be implemented in defining interesting traffic. Rather than being associated with
an interface, the access list is associated with the dialer-list.
already familiar with access lists to some degree.
traffic. The explanation follows the output.
denying FTP and Telnet. That is, they are not allowed to trigger a call setup. Any other IP traffic
attempting to traverse the link triggers the call. Once the call is up, Telnet and FTP can go across
freely.
protocol suite to trigger the call, this line specifies that all traffic attempting to exit through BRI
0 must be tested against access-list 101.
dialer-list has been altered to point to the access list. The dialer-list still must point to the dialer-
group on the interface (that is, the dialer-list and dialer-group numbers must match). The access
list number can be any valid standard or extended access list number (Example 6-6
demonstrates IP only). However, as stated earlier, interesting traffic for any protocol can be
implemented using the appropriate access list command structure.
RouterA(config)#access-list 101 deny tcp any any eq ftp
RouterA(config)#access-list 101 deny tcp any any eq telnet
RouterA(config)#access-list 101 permit ip any any
!
RouterA(config)#interface bri 0
RouterA(config-if)#ip address 10.12.1.1 255.255.255.0
RouterA(config-if)#encapsulation ppp
<output omitted>
RouterA(config-if)#dialer-group 2
!
RouterA(config)#dialer-list 2 protocol ip list 101