Re: Router vs Firewall
From: Walter Roberson (roberson_at_ibd.nrc-cnrc.gc.ca)
Date: 11/03/05
- Previous message: timbrigham_at_gmail.com: "Router vs Firewall"
- In reply to: timbrigham_at_gmail.com: "Router vs Firewall"
- Next in thread: Volker Birk: "Re: Router vs Firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 3 Nov 2005 21:42:44 +0000 (UTC)
In article <1131052506.905959.297200@z14g2000cwz.googlegroups.com>,
timbrigham@gmail.com <timbrigham@gmail.com> wrote:
:Quick question:
:Can a router be told not to route from specific subnets to other
:subnets, or is that a firewall only thing?
:EG:
:192.168.30.x -> 192.168.100.x allowed
:192.168.30.x -> 192.168.101.x not allowed
It depends on the router. Cisco's term for this would be
Policy Based Routing (PBR). It would look something like (approximately)
access-list 101 permit 192.168.30.0 0.0.0.255 192.168.101.0 0.0.0.255
route-map RestrictMap 10 match address 101
route-map RestrictMap 10 set interface Null0
That is, you would take the flows you do not want, and send them
to the bit bucket.
-- If you lie to the compiler, it will get its revenge. -- Eric Sosman
- Previous message: timbrigham_at_gmail.com: "Router vs Firewall"
- In reply to: timbrigham_at_gmail.com: "Router vs Firewall"
- Next in thread: Volker Birk: "Re: Router vs Firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
