ISDN question

Unanswered Question
Jun 2nd, 2007

Hi i have a question:

If my condition for invoking an isdn call is:

>dialer-list 1 protocol ip permit

does it mean that when someone tries to ping my router or send it some other packets the dial occurs?

2)another question is that if i combine the following inbound acl:

>access-list 101 deny ip any host [my router's ip address]

with the configuration of the dialer-list above, who takes precedes?

Will the acl override the dialer settings and as a result the isdn dial will never happen?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
sundar.palaniappan Sat, 06/02/2007 - 06:49

"dialer-list 1 protocol ip permit

does it mean that when someone tries to ping my router or send it some other packets the dial occurs?"

This statement considers any IP traffic as interesting to trigger the ISDN link. This works in conjunction with the routing. If you have a route pointing to the next hop via ISDN then any IP traffic to that network would cause the router to initiate the ISDN link.

"2)another question is that if i combine the following inbound acl:

>access-list 101 deny ip any host [my router's ip address]"

You only use either or and not both. I don't know if the router would even let you configure both commands. Even if it would why would you want to configure both commands. If you want to be granular in identifying interesting traffic then use the second option of access lists or the first command if you want any IP traffic to trigger the DDR link.

HTH

Sundar

milkdroogy Sat, 06/02/2007 - 08:31

Sundar

But who is "stronger" ACL's or the Dialer-list rules(when not using ACLs in them)?

Its like in windows "Security Permissions" are stronger than "Sharing Permissions"...

Richard Burts Sat, 06/02/2007 - 10:01

Oren

I believe that Sunday misunderstood your question. His response indicates that he believes that you intend to try to use both access lists in the dialer list. I understand that you want to use the first access list with dialer list and the second access list as an inbound ip access-group on the dialing interface.

I would answer your question by observing that the dialer list controls when dialing activity will occur and the access-group filters traffic after the interface has dialed. In that sense you might interpret the dialer list as "stronger". But I will also note that it is a quite different relationship than that of "Security Permissions" or "Sharing Permissions".

HTH

Rick

sundar.palaniappan Sat, 06/02/2007 - 12:53

Oren,

I did infact misunderstood your 2nd question. As Rick pointed out they serve independent functions.

Dialer list identifies interesting traffic that can trigger the ISDN link. Access list inbound applies access rules to the traffic arriving on the dialer interface after the call connects successfully.

HTH

Sundar

Richard Burts Sun, 06/03/2007 - 04:49

Sundar

Quite right.

And my apologies for the typo in my previous post that mis-spelled your name.

HTH

Rick

Actions

This Discussion