REFLEXIVE ACL

From: Mohamed Tandou (dtandou@gmail.com)
Date: Mon Feb 23 2009 - 15:39:11 ARST


Hello GS,
I tried a reflexive ACL from Soup to Nut. Below are the requirements:
R1 and R2 belong to companyA.
R3 and R4 belong to companyB.
R2 is the border router that connects these companies to each other.
R2 should be configured such that it allows the return traffic for the following protocols:
- R2 should allow the return HTTP traffic that is originated locally or by R1.
- R2 should allow the return Telnet traffic that is originated locally or by R1.
- R2 should allow the return FTP traffic that is originated locally or by R1.
- R2 should allow the OSPF traffic into the netw
I am not using R4 in my scenario, and I am also using EIGRP.
Below is my configuration.
I can telnet from R1 to R3.
I can't telnet from R2 to R3. Is it the way it is supposed to be?

Please let me know

Thanks

Moh

R1(fa0/0)-------(fa0/0)R2(fa1/0)-------(fa0/0)R3

R2

Int fa1/0
 ip access-group REFLEXIVE-OUT out
 ip access-group REFLEXIVE-IN in

ip access-list extended REFLEXIVE-OUT
 permit tcp any any eq www reflect TEST
 permit tcp any any eq ftp reflect TEST
 permit tcp any any eq telnet reflect TEST
 permit eigrp any any

ip access-list extended REFLEXIVE-IN
 permit eigrp any any
 evaluate TEST
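
A simplified model of the posted fa1/0 policy, added here as an example and not part of the original post. It assumes that IOS does not apply an outbound interface ACL to packets the router itself originates; the class, function names, addresses and ports are constructed for illustration.

```python
# Simplified model of the posted R2 fa1/0 policy (added example, not IOS code).
# Assumption: IOS does not run router-originated packets through an
# outbound interface ACL, so they never hit a "reflect" entry.
from dataclasses import dataclass

REFLECTED_PORTS = {80: "www", 21: "ftp", 23: "telnet"}  # REFLEXIVE-OUT entries
EIGRP = 88  # IP protocol number for EIGRP


@dataclass(frozen=True)
class Packet:
    proto: int      # 6 = TCP, 88 = EIGRP
    src: str
    dst: str
    sport: int = 0
    dport: int = 0


class BorderRouter:
    def __init__(self):
        self.test = set()  # temporary entries of reflexive list TEST

    def send_out_fa1_0(self, pkt, locally_originated):
        """Outbound path on fa1/0. Returns True if the packet leaves."""
        if locally_originated:
            return True          # bypasses REFLEXIVE-OUT, nothing reflected
        if pkt.proto == EIGRP:
            return True          # permit eigrp any any
        if pkt.proto == 6 and pkt.dport in REFLECTED_PORTS:
            # reflect TEST: store the mirrored 5-tuple for return traffic
            self.test.add((6, pkt.dst, pkt.src, pkt.dport, pkt.sport))
            return True
        return False             # implicit deny

    def receive_in_fa1_0(self, pkt):
        """Inbound path on fa1/0 (REFLEXIVE-IN). True if permitted."""
        if pkt.proto == EIGRP:
            return True          # permit eigrp any any
        key = (pkt.proto, pkt.src, pkt.dst, pkt.sport, pkt.dport)
        return key in self.test  # evaluate TEST, then implicit deny


def telnet_reply_allowed(client_ip, server_ip, locally_originated):
    """Send a Telnet SYN out fa1/0 and report whether the SYN-ACK gets back in."""
    r2 = BorderRouter()
    syn = Packet(6, client_ip, server_ip, sport=40000, dport=23)
    assert r2.send_out_fa1_0(syn, locally_originated)
    syn_ack = Packet(6, server_ip, client_ip, sport=23, dport=40000)
    return r2.receive_in_fa1_0(syn_ack)
```

With constructed addresses R1 = 10.0.12.1, R2 fa1/0 = 10.0.23.2 and R3 = 10.0.23.3, `telnet_reply_allowed("10.0.12.1", "10.0.23.3", False)` models the transit session from R1 and `telnet_reply_allowed("10.0.23.2", "10.0.23.3", True)` models the session started on R2.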
