Lab 3 Task 10.2

From: Hai Minh (minh@ipmac.com.vn)
Date: Sun Oct 24 2004 - 07:50:01 GMT-3

• Next message: istong@stong.org: "Re: Cisco PIX with Cisco VPN client. Per user ACL using Radius"
• Previous message: samccie2004@yahoo.co.uk: "RE: Anyone going to RTP next Thursday 10/28?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi group,

10.2 "Ensure that users behind R6 can still traceroute across the ATM
clound".
This task requires using Reflexive ACL and I do this.
I use the statement "permit icmp any any traceroute" in the inbound ACL at ATM
interface.
In the solution guide, it uses : "permit icmp any any time-exceeded" and
"permit icmp any any port-unreachable"

What is the different between two solutions ?
I use the statement "permit icmp any any reflect out_to_ATM" in the outbound
ACL at ATM and I think every ICMP messages will be allowed to come back from
ATM cloud. Should I have to use some additional statements in the inbound ACL
to allow the traceroute traffic come back like this task required

Thanks.

• Next message: istong@stong.org: "Re: Cisco PIX with Cisco VPN client. Per user ACL using Radius"
• Previous message: samccie2004@yahoo.co.uk: "RE: Anyone going to RTP next Thursday 10/28?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Nov 06 2004 - 17:11:52 GMT-3