RE: Reflexive ACL - Clarification Needed - ??

From: john matijevic (matijevi@bellsouth.net)
Date: Sat Sep 04 2004 - 13:55:12 GMT-3

• Next message: Ty: "RE: Wildcards for netbios host access lists"
• Previous message: Cisco Nuts: "Reflexive ACL - Clarification Needed - ??"
• Maybe in reply to: Cisco Nuts: "Reflexive ACL - Clarification Needed - ??"
• Next in thread: Cisco Nuts: "RE: Reflexive ACL - Clarification Needed - ??"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello,
I was able to implement the answer with success.
Did you actually try to test the answer from the book? If it does work
for you, what part of the answer don't you understand? If it doesn't
work for you, please explain how the answer doesn't work for you.

Sincerely,

John Matijevic, CCIE #13254, MCSE, CNE, CCEA
CEO
IgorTek Inc.
151 Crandon Blvd. #402
Key Biscayne, FL 33149
Hablo Espanol
305-321-6232
http://home.bellsouth.net/p/PWP-CCIE
 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Cisco Nuts
Sent: Saturday, September 04, 2004 12:10 PM
To: ccielab@groupstudy.com
Cc: cisco@groupstudy.com
Subject: Reflexive ACL - Clarification Needed - ??

Hello, Can someone help clarify this question on Reflexive ACL's? Task:
Configure a reflexive access list on R6 and apply it to the R6-a3/0
internal interface allowing BGP and any other interesting traffic. (R6
connectes to BB3 via atm3/0 and is required to run BGP with BB3) My
solution: #ip access-list ext inbound #permit tcp any any eq bgp
#permit
tcp any eq bgp any #evaluate REFLECT #deny ip any any #ip access-list
ext
outbound #permit tcp any any reflect REFLECT #permit icmp any any
reflect
REFLECT #permit udp any any reflect REFLECT......(this could be added
too) #int atm3/0 #ip access-group inbound in #ip access-group outbound
out #end Solution Proposed in the book: #ip access-list ext in_filters
#permit
tcp any any reflect TCP_Traffic #ip access-list ext out_filters #permit
tcp any any eq bgp #permit pim any any #permit icmp any any #deny ip any
any #evaluate TCP_Traffic #int atm3/0 #ip access-group in_filters in #ip
access-group out_filters out #end Having done a lot of reflexive acl
labs
and thought that I might have a good grasp at this topic, I feel lost
now
!! What would be a correct solution to this question? This question is
from the Cisco Press CCIE Routing and Switching Practice Labs Book,
Pg.332 - Lab5. Please help.Thank you kindly.

------------------------------------------------------------------------

Get ready for school! Find articles, homework help and more in the Back
to School Guide!

• Next message: Ty: "RE: Wildcards for netbios host access lists"
• Previous message: Cisco Nuts: "Reflexive ACL - Clarification Needed - ??"
• Maybe in reply to: Cisco Nuts: "Reflexive ACL - Clarification Needed - ??"
• Next in thread: Cisco Nuts: "RE: Reflexive ACL - Clarification Needed - ??"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:36 GMT-3