From: Hung, Sing-Yu (Sing-Yu.Hung@pccw.com)
Date: Tue Oct 29 2002 - 03:47:46 GMT-3
Hi,
I have the below config
------(e3/1)r13(atm1/0)--.1--------30.30.30.0/24-----------.2--s0(ti)e0-----
r13#sh run int a1/0
Building configuration...
Current configuration : 164 bytes
!
interface ATM1/0
ip address 30.30.30.1 255.255.255.0
ip access-group inbound in
ip access-group outbound out
atm ilmi-keepalive
pvc 0/100
ubr 256
!
end
r13#sho access-l
Extended IP access list inbound
permit ospf any any (1380 matches)
permit tcp any eq bgp any eq bgp
evaluate tcptraffic
Extended IP access list outbound
permit ip any any reflect tcptraffic
permit tcp any any reflect tcptraffic
permit tcp any eq telnet any reflect tcptraffic
permit icmp any any reflect tcptraffic
Reflexive IP access list tcptraffic
why I can't ping router (t1)
r13#ping 30.30.30.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 30.30.30.2, timeout is 2 seconds:
.....
r13#sho access-l
Extended IP access list inbound
permit ospf any any (1388 matches)
permit tcp any eq bgp any eq bgp
evaluate tcptraffic
Extended IP access list outbound
permit ip any any reflect tcptraffic
permit tcp any any reflect tcptraffic
permit tcp any eq telnet any reflect tcptraffic
permit icmp any any reflect tcptraffic
Reflexive IP access list tcptraffic
Bradford Hung
Pacific Century CyberWorks
Tel: 288 33125
-----Original Message-----
From: Hansang Bae [mailto:hbae@nyc.rr.com]
Sent: Monday, October 28, 2002 5:59 AM
To: ccielab@groupstudy.com
Subject: RE: Reflexive access-list
>-----Original Message-----
>From: Ahmed Mamoor Amimi [mailto:mamoor@ieee.org]
>Sent: Friday, October 25, 2002 8:43 AM
>To: ccielab@groupstudy.com
>Subject: Reflexive access-list
>Can someone point me to an example and notes of reflexive access-list.
I highly recommend Gil Held's Cisco Access List Field Guide.
hsb
This archive was generated by hypermail 2.1.4 : Tue Nov 05 2002 - 08:35:58 GMT-3