I have been racking my brain on this particular issue. What I am trying to do is create a Public VLAN for vendors and vistors in our company that will restrict them from accessing our corporate network while allowing them to access web, email and VPn connections to the outside. In addtion when people connect to this VLAN, they are retrieving a DHCP IP addy for a windows 2000 server. Without any access-list the process works just fine. Here is an example of the interface and the access-list which is attached to the interface. When applied I am no longer able to get an IP address from the win2k server. Any insight how to correct his problem.
description vlan 10 - Guest VLAN
ip address 10.10.9.1 255.255.255.0
ip broadcast-address 10.10.9.255
ip access-group 100 in
ip helper-address 172.16.201.10
ip helper-address 172.16.201.1
access-list 100 permit ip any host 172.16.201.11
access-list 100 permit udp any host 172.16.201.10 eq domain
access-list 100 permit udp any host 172.16.201.11 eq domain
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.