Deny OSPF neighbor relationship using access list

June 24, 2008 @ 11:09 am · Filed under CCIE Study

Then do my second recommendation
On Tue, Jun 24, 2008 at 11:23 AM, ISolveSystems wrote: > I change it to .6. Same result. > > On Tue, Jun 24, 2008 at 10:01 AM, Tyson Scott wrote: >> >> Well, >> You would want to do .5 and .6 not .4 and .5 >> >> deny ospf host 1.1.1.1 host 1.1.1.2 >> deny ospf host 1.1.1.1 host 224.0.0.5 >> deny ospf host 1.1.1.1 host 224.0.0.6 >> >> if that still doesn’t work only add the network statement that you >> want OSPF running on and then redistribute the route for the >> interfaces you don’t want it running on. >> >> >> >> On Tue, Jun 24, 2008 at 10:23 AM, ISolveSystems >> wrote: >> > Hello Expert, >> > I am trying to deny OSPF from forming relationship between ASAs. I >> > tried >> > the following without success. 1.1.1.1 is the neighbor IP address. >> > 1.1.1.2is the local interface IP. >> > >> > access-list DMZ-IN extended deny ospf host 1.1.1.1 host 1.1.1.2 >> > access-list DMZ-IN extended deny ospf host 1.1.1.1 host 224.0.0.5 >> > access-list DMZ-IN extended deny ospf host 1.1.1.1 host 224.0.0.4 >> > access-list DMZ-IN extended deny ip host 1.1.1.1 host 224.0.0.5 >> > access-list DMZ-IN extended deny ip host 1.1.1.1 host 224.0.0.4 >> > >> > Any idea? >> > >> > Thanks. >> > >> > >> > _______________________________________________________________________ >> > Subscription information may be found at: >> > http://www.groupstudy.com/list/CCIELab.html >> > >> > >> > >> > >> > >> >>
Tyson Scott - CCIE #13513 R&S and Security Technical Instructor - IPexpert, Inc.
Telephone: +1.810.326.1444 Fax: +1.810.454.0130 Mailto: tscott@ipexpert.com

Bookmark this post:These icons link to social bookmarking sites where readers can share and discover new web pages.