Re: Reflexive access-list

From: Leigh Harrison (ccileigh@gmail.com)
Date: Thu Oct 06 2005 - 12:30:51 GMT-3


Hey Dustin,

You're missing a line out there.

On the out_filters list, at the bottom, you need to have in "evaluate
TCP_Traffic" or whatever the name of your reflected traffic is.

This is the flag that tells the router to have a look to see if there
was an outbound connection made and if this is traffic coming back in.

LH

dusth@comcast.net wrote:

>Hi all, I'm reading the Cisco Press CCIE Routing and Switching Practice Labs by Martin Duggan and Maurilio Gorito. Lab 5 says to allow BGP and any other traffic, and here is the config in the book:
>ip access-list extended in_filters
> permit tcp any any reflect TCP_Traffic
>ip access-list extended out_filters
> permit tcp any any eq bgp
> permit pim any any
> permit icmp any any
>int atm3/0
> ip access-group in_filters in
> ip access-group out_filters out
>I just wonder why the in access-list only reflects TCP traffic but not others. Is other traffic implicitly denied? Or is other traffic just not reflected?
>
>Thanks for any explanation.
>
>dustin
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
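The behaviour Leigh describes can be checked without a router. What follows is an added example, not code from the book or from either poster: a deliberately simplified Python model of IOS reflexive ACL matching, run against the book's in_filters/out_filters both without and with the "evaluate TCP_Traffic" line. The addresses, ports and packets are constructed for the example. The model assumes top-down first-match semantics with an implicit deny at the end of each list, a mirror-image reflexive entry created on every "permit ... reflect" match, and an "evaluate" entry that matches only when such a mirror entry exists; reflexive timeouts and TCP FIN/RST teardown, which real IOS does implement, are left out. It shows why the return half of an inbound TCP session is dropped on egress until evaluate is added, and that non-TCP traffic arriving on in_filters is simply dropped by the implicit deny rather than reflected.

```python
"""Simplified model of IOS reflexive ACL matching (added example, not the book's config).

Assumptions: entries are tried top-down, first match wins, unmatched packets hit the
implicit deny; 'permit ... reflect NAME' stores the mirror image of the packet in
reflexive list NAME; 'evaluate NAME' matches a packet only if its 5-tuple is in NAME.
Reflexive timeouts and FIN/RST teardown are intentionally ignored.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    proto: str            # "tcp", "udp", "icmp", "pim"
    src: str
    dst: str
    sport: int = 0        # 0 for protocols without ports
    dport: int = 0


@dataclass
class Entry:
    action: str                     # "permit", "deny" or "evaluate"
    proto: str = "ip"               # protocol keyword, "ip" matches any
    dport: Optional[int] = None     # "eq PORT" on the destination, None = any port
    reflect: Optional[str] = None   # reflexive list to populate on a permit match
    evaluate: Optional[str] = None  # reflexive list to consult (action == "evaluate")

    def matches(self, pkt: Packet) -> bool:
        if self.proto != "ip" and self.proto != pkt.proto:
            return False
        return self.dport is None or self.dport == pkt.dport


class Router:
    def __init__(self) -> None:
        self.reflexive: dict = {}   # list name -> set of 5-tuples (proto, src, sport, dst, dport)

    def filter(self, acl: list, pkt: Packet) -> bool:
        """Return True if pkt is permitted by acl, False if denied."""
        for e in acl:
            if e.action == "evaluate":
                # Mirror entries are stored from the return packet's point of view,
                # so the packet is looked up as-is.
                key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
                if key in self.reflexive.get(e.evaluate, set()):
                    return True
                continue            # no session: keep walking the list
            if not e.matches(pkt):
                continue
            if e.action == "permit" and e.reflect is not None:
                mirror = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
                self.reflexive.setdefault(e.reflect, set()).add(mirror)
            return e.action == "permit"
        return False                # implicit deny at the end of every IOS ACL


# The book's lists as quoted in the thread (bgp == TCP/179).
IN_FILTERS = [Entry("permit", "tcp", reflect="TCP_Traffic")]
BOOK_OUT_FILTERS = [Entry("permit", "tcp", dport=179),
                    Entry("permit", "pim"),
                    Entry("permit", "icmp")]
# Leigh's fix: "evaluate TCP_Traffic" appended at the bottom of out_filters.
FIXED_OUT_FILTERS = BOOK_OUT_FILTERS + [Entry("evaluate", evaluate="TCP_Traffic")]


def run_scenario(out_filters: list) -> dict:
    """Push constructed packets through in_filters (ingress) then out_filters (egress)."""
    r = Router()
    inbound_telnet = Packet("tcp", "10.0.0.5", "192.168.1.1", 40000, 23)   # constructed
    return_telnet = Packet("tcp", "192.168.1.1", "10.0.0.5", 23, 40000)    # its reply
    inbound_dns = Packet("udp", "10.0.0.5", "192.168.1.1", 5000, 53)
    inbound_ping = Packet("icmp", "10.0.0.5", "192.168.1.1")
    outbound_bgp = Packet("tcp", "192.168.1.1", "10.0.0.6", 40001, 179)
    results = {
        "inbound tcp permitted": r.filter(IN_FILTERS, inbound_telnet),
        "return tcp permitted": r.filter(out_filters, return_telnet),
        "inbound udp permitted": r.filter(IN_FILTERS, inbound_dns),
        "inbound icmp permitted": r.filter(IN_FILTERS, inbound_ping),
        "outbound bgp permitted": r.filter(out_filters, outbound_bgp),
    }
    # Only the tcp entry carries 'reflect', so no udp session is ever recorded.
    udp_mirror = ("udp", "192.168.1.1", 53, "10.0.0.5", 5000)
    results["udp reflected"] = udp_mirror in r.reflexive.get("TCP_Traffic", set())
    return results


if __name__ == "__main__":
    for name, acl in (("book", BOOK_OUT_FILTERS), ("fixed", FIXED_OUT_FILTERS)):
        print(name, run_scenario(acl))
```

Note that "permit tcp any any reflect" on the ingress list admits every TCP port from the outside; that is what the lab asks for, not a pattern to carry into production, and the explicit pim/icmp permits exist only on out_filters, so those protocols pass outbound but are dropped inbound by the implicit deny.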



This archive was generated by hypermail 2.1.4 : Sun Nov 06 2005 - 22:00:49 GMT-3