From: Kulcsár
Date: Mon Oct 16 2006 - 08:47:15 ART
Hello,
Are you trying to ping from the router with this reflexive ACL applied?
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Cagri Yucel
Sent: Monday, October 16, 2006 1:33 PM
To: Group study
Subject: Reflexive ACL, what am I going wrong ?
A simple interface
interface Ethernet0/1
ip address 192.10.1.5 255.255.255.0
ip access-group INBOUND in
ip access-group OUTBOUND out
half-duplex
max-reserved-bandwidth 100
service-policy output QOS
end
Simple access lists
Extended IP access list INBOUND
10 permit tcp any eq bgp any (26 matches)
20 permit tcp any any eq bgp
60 evaluate REFLECTION
Extended IP access list OUTBOUND
10 permit icmp any any reflect REFLECTION
20 permit tcp any any reflect REFLECTION
30 permit udp any any reflect REFLECTION Reflexive IP access list REFLECTION
ping:
simply does not initiate the addition of permit item on the list REFLECTION so it does not work.
It seems as if the OUTBOUND list being ignored at all.
I think I am doing a silly mistake but still could not find it
-- -cagri
This archive was generated by hypermail 2.1.4 : Wed Nov 01 2006 - 07:29:05 ART