Reflexive ACL - Clarification Needed - ??

From: Cisco Nuts (cisconuts@hotmail.com)
Date: Sat Sep 04 2004 - 13:10:09 GMT-3


Hello,

Can someone help clarify this question on Reflexive ACLs?

Task: Configure a reflexive access list on R6 and apply it to the R6-a3/0
internal interface allowing BGP and any other interesting traffic. (R6
connects to BB3 via atm3/0 and is required to run BGP with BB3)

My solution:

#ip access-list ext inbound
#permit tcp any any eq bgp
#permit tcp any eq bgp any
#evaluate REFLECT
#deny ip any any
#ip access-list ext outbound
#permit tcp any any reflect REFLECT
#permit icmp any any reflect REFLECT
#permit udp any any reflect REFLECT......(this could be added too)
#int atm3/0
#ip access-group inbound in
#ip access-group outbound out
#end

Solution proposed in the book:

#ip access-list ext in_filters
#permit tcp any any reflect TCP_Traffic
#ip access-list ext out_filters
#permit tcp any any eq bgp
#permit pim any any
#permit icmp any any
#deny ip any any
#evaluate TCP_Traffic
#int atm3/0
#ip access-group in_filters in
#ip access-group out_filters out
#end

Having done a lot of reflexive ACL labs and thinking that I might have a
good grasp of this topic, I feel lost now!! What would be a correct
solution to this question? This question is from the Cisco Press CCIE
Routing and Switching Practice Labs Book, Pg.332 - Lab5.

Please help. Thank you kindly.
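
Added example, not part of the original post or the book: a simplified Python model of top-down ACL processing with `reflect` and `evaluate`, run over the two configurations as posted. It models transit TCP packets only (no timeouts, TCP flags or router-originated traffic); the addresses, the port 23 session and the `out_moved` variation are constructed for illustration.

```python
# Simplified model of reflexive ACL processing on one interface (added example).
from collections import namedtuple

Pkt = namedtuple("Pkt", "proto src sport dst dport")
BGP = 179

def rule(action, proto="ip", sport=None, dport=None, name=None):
    return (action, proto, sport, dport, name)

def check(acl, pkt, tables):
    """Walk the ACL top-down; return True if the packet is permitted."""
    for action, proto, sport, dport, name in acl:
        if action == "evaluate":
            if pkt in tables.get(name, ()):   # a temporary entry matches
                return True
            continue
        if proto not in ("ip", pkt.proto):
            continue
        if sport not in (None, pkt.sport) or dport not in (None, pkt.dport):
            continue
        if action == "permit" and name:       # "reflect NAME": add mirrored entry
            mirror = Pkt(pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
            tables.setdefault(name, set()).add(mirror)
        return action == "permit"
    return False                              # implicit deny

def session(acl_in, acl_out, first_dir):
    """Send an opening TCP packet through atm3/0 in first_dir, then its reply."""
    acls, tables = {"in": acl_in, "out": acl_out}, {}
    syn = Pkt("tcp", "192.0.2.1", 40000, "198.51.100.1", 23)  # constructed
    reply = Pkt("tcp", syn.dst, syn.dport, syn.src, syn.sport)
    back = "out" if first_dir == "in" else "in"
    ok = check(acls[first_dir], syn, tables)
    return ok, ok and check(acls[back], reply, tables)

# ACLs as posted in the message
inbound = [rule("permit", "tcp", dport=BGP), rule("permit", "tcp", sport=BGP),
           rule("evaluate", name="REFLECT"), rule("deny")]
outbound = [rule("permit", p, name="REFLECT") for p in ("tcp", "icmp", "udp")]
in_filters = [rule("permit", "tcp", name="TCP_Traffic")]
out_filters = [rule("permit", "tcp", dport=BGP), rule("permit", "pim"),
               rule("permit", "icmp"), rule("deny"), rule("evaluate", name="TCP_Traffic")]
# Variation (not from the post): evaluate moved above "deny ip any any"
out_moved = out_filters[:3] + [out_filters[4], out_filters[3]]

if __name__ == "__main__":
    for i, o in ((inbound, outbound), (in_filters, out_filters), (in_filters, out_moved)):
        print({d: session(i, o, d) for d in ("out", "in")})
```

In this model the `evaluate TCP_Traffic` line as posted sits after `deny ip any any` and is never reached, so the reply to a session opened inbound on atm3/0 is dropped unless `evaluate` is placed above the deny.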




This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:36 GMT-3