RE: reflexive access-list

From: Yu Kay (kaykkyu@yahoo.com)
Date: Mon Jul 28 2003 - 03:29:15 GMT-3


It is OK when I configure three routers like yours.

--- "Volkov, Dmitry (IDS Canada)"
<dmitry_volkov@ca.ml.com> wrote:
> Your access list looks right.
> Try to telnet to B from C:
> C---A---B
> It should work. I don't know why, but refl list
> doesn't work for packets
> originated from router itself.
> Even if you use telnet x.y.z.d. /source-interface
> "another interface than
> s0" from A to B it doesn't work.
> Maybe it's IOS dependent.
>
> Dmitry
>
> > -----Original Message-----
> > From: Yu Kay [mailto:kaykkyu@yahoo.com]
> > Sent: Sunday, July 27, 2003 10:54 AM
> > To: ccielab@groupstudy.com
> > Subject: reflexive access-list
> >
> >
> > Hi,
> >
> > I have a question about reflexive access-list.
> > For example,
> >
> > routerA (S0)----- routerB
> >
> > I try to describe my problem in the simplest example.
> > Each router uses a default route pointing to the other.
> > Before I put the following 'access-list' on routerA,
> > routerA can telnet to routerB.
> >
> > int s0
> > ip access-group outbound out
> > ip access-group inbound in
> >
> > ip access-list extended inbound
> > evaluate test
> > ip access-list extended outbound
> > permit tcp any any reflect test
> >
> >
> > Please give me some hints
> >
> > Kay
>
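
The behaviour discussed in this thread, as an added example that is not part of the original messages: a simplified Python model of routerA's s0 with the two ACLs applied. It assumes IOS does not run an outbound interface ACL on packets the router generates itself, so "reflect test" never creates an entry for them; the addresses and port numbers are constructed.

```python
from dataclasses import dataclass

# Constructed addresses (documentation ranges), not taken from the thread.
ROUTER_A, ROUTER_B, ROUTER_C = "192.0.2.1", "192.0.2.2", "198.51.100.2"

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

class ReflexiveInterface:
    """Model of s0 with 'outbound' applied out and 'inbound' applied in."""

    def __init__(self):
        self.test = set()  # temporary entries of the reflexive list "test"

    def send(self, pkt, locally_originated=False):
        # Assumption: router-generated packets bypass the outbound ACL,
        # so neither the permit nor the reflect is ever evaluated for them.
        if locally_originated:
            return True
        if pkt.proto != "tcp":
            return False  # implicit deny at the end of "outbound"
        # permit tcp any any reflect test: store the mirrored flow
        self.test.add((pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport))
        return True

    def receive(self, pkt):
        # "inbound" holds only 'evaluate test', followed by the implicit deny
        return (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport) in self.test

def telnet_reply_allowed(client_ip, locally_originated):
    """Send a telnet SYN towards routerB out s0, then test the SYN-ACK inbound."""
    s0 = ReflexiveInterface()
    s0.send(Packet(client_ip, 11000, ROUTER_B, 23), locally_originated)
    return s0.receive(Packet(ROUTER_B, 23, client_ip, 11000))

if __name__ == "__main__":
    print("C -> B through A:", telnet_reply_allowed(ROUTER_C, False))
    print("A -> B from A itself:", telnet_reply_allowed(ROUTER_A, True))
```

In this model, changing the telnet source address on routerA makes no difference, because the session is still router-originated and no reflexive entry exists when the reply arrives.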



This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:55 GMT-3