Information Technology Reference
In-Depth Information
IPX Access Lists
IPX access lists filter the routes broadcasted by IPX RIP. The standard IPX access list numbers
range from 800 to 899. The extended IPX access list numbers range from 900 to 999.
The command syntax for a standard access list is as follows:
access-list access-list-number [permit | deny] source-net destination-net
The command syntax for an extended access list is as follows:
access-list access-list-number [protocol] source-net source-socket
destination-net destination-socket
The
protocol
field can be a number from 0 to 255 or one of the following keywords:
any
,
ncp
,
netbios
,
rip
,
sap
,
spx
.
The access list is applied on interfaces with the
ipx input-network-filter
or
ipx output-
network-filter
commands.
Example 12-10 filters network 10 outbound on serial 0. The first line in access list 800 denies
IPX network 10. The second line permits all other IPX networks.
Example 12-10
IPX Network Access List
interface e0
ipx network a0
interface e1
ipx network 10
interface s0
ipx network aa
ipx output-network-filter 800
!
ipx routing
!
access-list 800 deny 10
access-list 800 permit -1
SAP Access Lists
SAP access lists can be configured to filter SAP updates that are based on the source network
address, the SAP number, and the name of the server that is generating the SAP service. SAP
numbers are 16 bits in length. Some SAP numbers are 0x0004 for file server, 0x0007 for print
server, and 0x0047 for advertising the print server. A list of Novell SAP numbers can be found
at the following site:
www.iana.org/assignments/novell-sap-numbers
SAP access lists on Cisco routers use list numbers 1000 to 1099. The format is as follows:
access-list access-list-number [deny | permit] network[.node]
[service-type [server-name]]
Search WWH ::
Custom Search