reflexive list

From: Wang Dehong-DWANG1 (Dehong.Wang@motorola.com)
Date: Fri Sep 10 2004 - 20:16:24 GMT-3

• Next message: Joseph D. Phillips: "Re: reflexive list"
• Previous message: Howard C. Berkowitz: "MPLS Overkill, Part 2 of 2"
• Next in thread: Joseph D. Phillips: "Re: reflexive list"
• Maybe reply: Joseph D. Phillips: "Re: reflexive list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I had a problem to use reflexive list with a lab(don't have rack access now). part of requirement is still able to ping and telnet to directly connected router(which is considered outside network). I have a INB list like the following..

ip access-list extended INB
permit icmp host 10.2.2.2 any echo-reply ;suppose 10.2.2.2 is the remote router's IP address on the directly connected subnets.
permit tcp host 10.2.2.2 eq 23 any
permit udp any any eq rip
evaulatue REFLEX

but it did not work as I thought. only work with any any statements like below.

ip access-list extended INB
permit icmp any any echo-reply
permit tcp any eq 23 any
permit tcp any any eq bgp
permit tcp any eq bgp any
evaulatue REFLEX

Anyone has seen an issue like this? or did I do something wrong?
 
thanks in advance.

- Dehong

• Next message: Joseph D. Phillips: "Re: reflexive list"
• Previous message: Howard C. Berkowitz: "MPLS Overkill, Part 2 of 2"
• Next in thread: Joseph D. Phillips: "Re: reflexive list"
• Maybe reply: Joseph D. Phillips: "Re: reflexive list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:41 GMT-3