Re: Reflexive ACL

From: Shawn Zandi (szmetal@gmail.com)
Date: Mon May 26 2008 - 10:48:35 ART


You're pinging from R4? Wrong router! You've been able to ping before the ACL?

On Mon, May 26, 2008 at 5:38 PM, Suryakant P <suryakant.pandian@gmail.com>
wrote:

> Hi All,
>
> I have two routers connected to a common ethernet segment.
>
> r1(204.12.1.4)f0/0----f0/1r2(204.12.1.254)
>
> I have configured reflexive acl on the r1 router.
>
> interface FastEthernet0/0
> ip address 204.12.1.4 255.255.255.0
> ip access-group inbound in
> ip access-group outbound out
> duplex auto
> speed auto
>
> ip access-list extended inbound
> permit udp any any eq rip
> permit tcp any any eq bgp
> permit tcp any eq bgp any
> permit icmp any any echo-reply
> permit tcp any eq telnet any
> evaluate RETURN
> ip access-list extended outbound
> permit icmp any any reflect RETURN
> permit udp any any reflect RETURN
> permit tcp any any reflect RETURN
>
> With this configuration, I was not able to ping r1's own interface.
>
> Rack1R4#ping 204.12.1.4
>
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 204.12.1.4, timeout is 2 seconds:
> .....
> Success rate is 0 percent (0/5)
> Rack1R4#


