Defining Interesting Traffic

CiGco.com

R4 (config)#

access-]

ist

101

deny

eigrp any any

R4(config)#

access-1

ist

101

deny

udp any any eq 52 0

R4 (config)#

access-1

ist

101

deny

tcp any any eq 2 3

R4 (config)#

access-1

ist

101

perm]

t ip any any

Prevents EIGRP, RIP, and Telnet traffic from bringing up ISDN link, but allows all other traffic to

R4(config)# dialer-list 1 protocol ip list 101

Associates the dialer-list with an access-list

© 2001, Cisco Systems, Inc. All rights reserved. Cisco CCIE Prep v1.0—Module 3-10

The dialer-list protocol form of the dialer-list command defines interesting traffic based on protocol. The dialer-list protocol <protocol> list fonn of this command allows for a more granular definition of interesting traffic using an access list.

In the example shown, Enhanced Interior Gateway Routing Protocol (EIGRP) routing protocol updates, Routing Information Protocol (RIP) routing updates, and Telnet traffic are not classified as interesting traffic and therefore will not initiate calls on the ISDN circuit.

To complete the DDR configuration, apply the dialer-list to an ISDN interface with the dialer-group command.

R4 Configuration: (The Calling Party)

© 2001, Cisco Systems, Inc. All rights resi

Cisco CCIE Prep v1.0—Module 3-12

Suppose you only want R4 to initiate calls. In this case, you can simply remove any dialer strings or dialer maps from Rl's configuration. When R4 initiates a call to Rl, a dynamic ISDN mapping will occur for return traffic.

Also, since you will never initiate a call from Rl, you can also remove the interesting traffic parameters (dialer-list and dialer-group) from Rl's configuration.

R4(config)# dialer-list 1 protocol ip permit R4(config)# interface bri 0/0 R4(config-if)# encapsulation ppp

R4(config-if)# dialer-group 1

R4 (config-if) # dialer map ip 172.16.14.2 n^e R1 8140010

Used for Authentication

Use the name keyword for CHAP authentication

© 2001, Cisco Systems, Inc. All rights reserved. Cisco CCIE Prep v1.0—Module 3-13

A large benefit of using PPP is its ability to perform secure authentication via Challenge-Handshake Authentication Protocol (CHAP). In order to perform PPP authentication, the name keyword should be included in the dialer map. In a point-to-point ISDN environment using dialer strings instead of dialer maps, the equivalent to the name keyword is the dialer remotename command.

R4(config)# dialer-list 1 protocol ip permit R4(config)# interface bri 0/0 R4(config-if)# encapsulation ppp

R4(config-if)# dialer-group 1

R4(config-if)# dialer map ip 172.16.14.2 name R1 8140010 broadcast

0 0

Post a comment