! Listing 10.27: Ethernet DLSw through dual firewalls--outside DLSw Peer Router R-C ! !Copyright (C) 2001 by Vincent C Jones. All Rights Reserved. version 11.2 ! hostname R-D ! ! 120.0.0.2 outside = 10.3.2.99 inside via F-4B ! (No access defined via F-3A) dlsw local-peer peer-id 120.0.0.2 lf 1500 ! Peer via LAN to bit-bucket on R-C dlsw remote-peer 0 tcp 120.0.0.1 ! Any problems with router R-C or LAN, peer to R-2 via F-4B dlsw remote-peer 0 tcp 101.0.0.99 backup-peer 120.0.0.1 dlsw bridge-group 5 ! interface Loopback1 description Local peer address for DLSw ip address 120.0.0.2 255.255.255.255 ! interface Ethernet0/1 ip address 120.0.1.3 255.255.255.0 bridge-group 5 bridge-group 5 spanning-disabled . . ! Add the following to all interfaces except Ethernet0/1 ip access-group 150 out ip access-group 151 in . . router eigrp 1 network 120.0.0.0 ! ! access-list 150 deny tcp host 120.0.0.2 host 120.0.0.1 eq 2065 access-list 150 permit ip any any access-list 151 deny tcp host 120.0.0.1 host 120.0.0.2 eq 2065 access-list 151 permit ip any any ! bridge 5 protocol ieee ! end