Configuring serial dialer-list dialer-group-from newbie-practicing for - TechRepublic
TechRepublic | Forums | IT Employment
IT Employment
Question
June 16, 2008 at 09:09 AM
#2160594
cewcathar

Configuring serial dialer-list dialer-group–from newbie–practicing for

by cewcathar . Updated 18 years ago

Hi, I’m practicing for CCNA; I want to know if I can have 2 dialer-lists 2 dialer-groups? 2 permits? for interface pri0

Also, if so, can I have statements such as:
dialer-list 1 permit list 101in in
dialer-list 1 permit list 101out out

??

That is, can I specify the direction of the permit?? That’s what I ultimately want to do!

Thanks!
(My configurations are below)
–CEW
!
RouterN (config)# interface pri0
RouterN (config-if)# bandwidth 1544
! The above is the default setting of 1544 kbps and I did not need to

configure it
! I have a separate clocking device with the DCE cable as noted
RouterN (config-if)# ip nat outside
! * * *
! RouterN (config-if)# encapsulation ppp
! RouterN (config-if)# ppp authentication chap pap callin
! RouterN (config-if)# ppp chap hostname ISPusernameISDN
! it’s the isp’s name not specified
! RouterN (config-if)# ppp chap password ???????
! not specified
RouterN(config-if)# no ip proxy-arp
RouterN(config-if)# no ip directed-broadcast
RouterN(config-if)# no ip source-route
! * * *
! CAN I have 2 permit statements?
! 2 dialer-list s 2 dialer-group ‘s
RouterN (config)# dialer-list 1 permit list 101
RouterN (config)# interface pri0
RouterN (config-if)# dialer-group 1
RouterN (config-if)# exit

RouterN (config)# dialer-list 2 permit list 102
RouterN (config)# interface pri0
RouterN (config-if)# dialer-group 2
RouterN (config-if)# exit
!
RouterN (config)# ip router 0.0.0.0 0.0.0.0 pri0

! * * *
! The access-lists aren’t specified above
! See below if you are curious
RouterN (config)# access-list 101 deny ip any 192.168.129.0 0.0.0.255
! RouterN (config)# access-list 101 deny tcp 192.168.129.0 0.0.0.255 any
! is the above command o.k. when I have more tcp statements? but they are permits
! RouterN (config)# access-list 101 deny udp 192.168.129.0 0.0.0.255
! is the above command o.k. when I have more udp statements? but they are permits
! The commands above all block our private network addresses
! from coming from outside and accessing this interface
RouterN (config)# access-list 101 permit tcp any any eq http
RouterN (config)# access-list 101 permit tcp any any eq https
RouterN (config)# access-list 101 permit tcp any any eq sftp
RouterN (config)# access-list 101 permit tcp any any eq ssh
RouterN (config)# access-list 101 permit udp any any eq 67
RouterN (config)# access-list 101 permit udp any any eq 68
! is this the syntax for port #’s??
RouterN (config)# access-list 101 permit icmp x.x.x.x
0.0.0.0 any echo-request
! x.x.x.x. is the NAT address
RouterN (config)# access-list 101 permit icmp any x.x.x.x 0.0.0.0 echo-reply
! x.x.x.x is the NAT address
RouterN (config)# access-list 101 permit icmp any any packet-too-big
RouterN (config)# access-list 101 permit icmp any any ttl-exceeded
RouterN (config)# access-list 101 permit icmp any any administratively-prohibited
RouterN (config)# access-list 101 permit icmp any any net-unreachable
RouterN (config)# access-list 101 permit icmp any any host-unreachable
RouterN (config)# access-list 101 permit icmp any any port-unreachable
RouterN (config)# access-list 101 permit icmp any any protocol-unreachable
RouterN (config)# access-list 101 permit icmp any any source-quench
RouterN (config)# access-list 101 permit tcp any any eq pop
RouterN (config)# access-list 101 permit tcp any any eq imap
RouterN (config)# access-list 101 permit tcp any any eq smtp
! Deny anything else have I missed anything
! Wehave to allow people to also retrieve email off the web
! Probably so so we have to permit all email protocols
! outbound and inbound
! But the web proxies can double as email proxies and strip off attachments
!
! Now for access-list for email proxy 102
RouterN (config)# access-list 102 deny ip any 192.168.129.0 0.0.0.255
! RouterN (config)# access-list 102 deny tcp 192.168.129.0 0.0.0.255 any
! is the above command o.k. when I have more tcp statements?
! RouterN (config)# access-list 102 deny udp 192.168.129.0 0.0.0.255
! is the above command o.k. when I have more udp statements?
! The commands above all block our private network addresses
! from coming from outside and accessing this interface
RouterN (config)# access-list 102 permit tcp any any eq ssh
! I’m not gonna let inbound pings I don’t think
RouterN (config)# access-list 102 permit icmp any x.x.x.x 0.0.0.0 echo-reply
! x.x.x.x is a NAT address
RouterN (config)# access-list 102 permit icmp any any packet-too-big
RouterN (config)# access-list 102 permit icmp any any ttl-exceeded
RouterN (config)# access-list 102 permit icmp any any administratively-prohibited
RouterN (config)# access-list 102 permit icmp any any net-unreachable
RouterN (config)# access-list 102 permit icmp any any host-unreachable
RouterN (config)# access-list 102 permit icmp any any port-unreachable
RouterN (config)# access-list 102 permit icmp any any protocol-unreachable
RouterN (config)# access-list 102 permit icmp any any source-quench
RouterN (config)# access-list 102 permit tcp any any eq pop
RouterN (config)# access-list 102 permit tcp any any eq smtp
! Deny anything else have I missed anything
! * * *

This discussion is locked

All Comments