In your example, VPDN is built over Ethernet, and there must be some kind of dialer where you want your access-list on.
That imposes e1 ATM0 can be without access-list, the untrusted traffic, is coming in encapsulated in PPP over E. So within the PPP session there will be IP (dialer, say dhcp neg IP) and that is where you want to put an incoming access-list on. Martijn -----Oorspronkelijk bericht----- Van: Thomas N [mailto:[EMAIL PROTECTED] Verzonden: vrijdag 29 augustus 2003 11:31 Aan: [EMAIL PROTECTED] Onderwerp: TCP/UDP port for CHAP [7:74480] I got SOHO sites with PPPoE connection to the Internet. They use CHAP for authentication. I would like to setup an ACL to filter out traffic on the outside interface. I am wondering what TCP/UDP port CHAP protocol use? Thanks! Thomas **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74505&t=74480 -------------------------------------------------- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
