From: Roberts, Larry (Larry.Roberts@expanets.com)
Date: Mon Sep 01 2003 - 14:03:31 GMT-3
Try passing traffic through, not FROM the router. I bet that your traffic
that is being originated from the router is not triggering the reflexive
entry.
Thanks
Larry
-----Original Message-----
From: Chen Kwong Wai William [mailto:kwchen@netvigator.com]
Sent: Monday, September 01, 2003 11:53 AM
To: ccielab@groupstudy.com
Subject: Reflexive Access List
Dear all,
Anyone kindly tell me what is the wrong of the following setting? The
reflexive access-list doesn't work.
-- William
sh run
Building configuration...
Current configuration : 1051 bytes
!
version 12.2
service config
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R5
!
logging rate-limit console 10 except errors
!
username bob password 0 cisco
username alice password 0 cisco
username alice autocommand access-enable timeout 1
ip subnet-zero
no ip finger
!
ip reflexive-list timeout 20
no ip dhcp-client network-discovery
!
!
!
!
interface Ethernet0
ip address 192.168.0.100 255.255.255.0
ip access-group inboundFilters in
ip access-group outboundFilters out
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
ip kerberos source-interface any
ip classless
ip http server
!
!
ip access-list extended inboundFilters
permit eigrp any any
deny icmp any any
evaluate tcptraffic
ip access-list extended outboundFilters
permit tcp any any reflect tcptraffic
!
!
line con 0
transport input none
line 1 16
no exec
transport input all
line aux 0
line vty 0 4
privilege level 15
login local
!
end
R5#telnet 192.168.0.3
Trying 192.168.0.3 ...
This archive was generated by hypermail 2.1.4 : Wed Oct 01 2003 - 07:24:21 GMT-3