From: Joseph D. Phillips (josephdphillips@fastmail.us)
Date: Fri Sep 10 2004 - 20:20:32 GMT-3
It probably has to do with the source of the Telnet packets.
They may be sourcing from a loopback.
Wang Dehong-DWANG1 wrote:
> I had a problem to use reflexive list with a lab(don't have rack access now). part of requirement is still able to ping and telnet to directly connected router(which is considered outside network). I have a INB list like the following..
>
> ip access-list extended INB
> permit icmp host 10.2.2.2 any echo-reply ;suppose 10.2.2.2 is the remote router's IP address on the directly connected subnets.
> permit tcp host 10.2.2.2 eq 23 any
> permit udp any any eq rip
> evaulatue REFLEX
>
> but it did not work as I thought. only work with any any statements like below.
>
> ip access-list extended INB
> permit icmp any any echo-reply
> permit tcp any eq 23 any
> permit tcp any any eq bgp
> permit tcp any eq bgp any
> evaulatue REFLEX
>
> Anyone has seen an issue like this? or did I do something wrong?
>
> thanks in advance.
>
> - Dehong
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:41 GMT-3