From: METOO CCIE (metooccie@hotmail.com)
Date: Fri Nov 05 2004 - 21:44:28 GMT-3
Hi gurus,
I have the following reflexive access-list. It works fine. It installs
temporary ACL entries when there is traffic coming from some other router
and going out of Eth 0/0 of this router.
However, when the traffic is generated by this router (on which the ACL
is configured), the reverse temporary entry is not created. Can someone
please tell me how to have traffic from this router also install a temp ACL
entry? I have BGP, OSPF & GLBP working on this router and the solution
should not break those. Thanks in advance.
!
interface Ethernet0/0
 ip access-group inboundfilters in
 ip access-group outboundfilters out
!
ip access-list extended inboundfilters
 permit tcp any any eq bgp
 evaluate tcptraffic
 evaluate udptraffic
 evaluate icmptraffic
 deny ip any any
!
ip access-list extended outboundfilters
 permit tcp any any reflect tcptraffic
 permit udp any any reflect udptraffic
 permit icmp any any reflect icmptraffic
 permit ip any any
!
Thanks
-bobby