Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Cisco>
  3. NAS
Filtering users
steven at viclink
Aug 14, 2003, 5:33 PM
Post #1 of 2 (558 views)
Permalink
Hi all.

Is it possible to filter traffic between 2 users dialed up to the same AS
box?

I can filter inbound/outbound easy..
But just wondering if there is a way, just in case a user's infected pc trys
to infect others in the same block.

Since the ip's are in the same block, the traffic will just route between
the users, never giving me a change to filter them. Correct?

Steven
Re: Filtering users [ In reply to ]
Aaron at cisco
Aug 15, 2003, 5:01 PM
Post #2 of 2 (542 views)
Permalink
> Hi all.

> Is it possible to filter traffic between 2 users dialed up to the same AS
> box?

> I can filter inbound/outbound easy..
> But just wondering if there is a way, just in case a user's infected pc trys
> to infect others in the same block.

> Since the ip's are in the same block, the traffic will just route between
> the users, never giving me a change to filter them. Correct?

> Steven

No, all your filters (access lists) will apply to dialup users.
Each dialup user is on his own interface. So if you have an
input access list on your group-async/virtual-template/dialer/
whatever, any packets denied by the access list will be dropped
when received from the dial link and will not be switched elsewhere.

Aaron

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal