11-11-2008, 04:26 PM
Well, Perhaps the problem could be related to correct use of the "Done" button at the end of the SIM (although - according to my memory - I think I also tried that - at least - some of the times, when trying to solve the S09 case the other day!?
After many retries, for some reason it suddenly succeded with a "Pass" feed-back message.
However I still don't understand, why the following ACL configuration will not work on the Austin Router in the S09 SIM:
access-list 100 deny tcp any any eq telnet
access-list 100 permit ip any any
+
ip access-group 100 IN
on both the s1 and e0 Interface
This is just 3 quite simple config lines in total, which I think should match the needed IP address ranges to be filtered on the two Interfaces on the Austin Router, and thus blocking incomming Telnet traffic to the Router, as wanted in the case, but the SIM engine won't in anyway accept this alternative configuration...
It's just sugested as an (perhaps a little more simple) config alternative, instead of specifying the exact IP adresses in more ACL statements, as suggested in the answering section of the S09 SIM - (The configured ACL filter is verified by means of some test-packets simply send out by the S09 SIM engine)
Any feedback, answer + hints etc. would be greatly appreciated !
Thank you in advance!
/Nick_K