From: Jeff Andiorio (jandiorio@gmail.com)
Date: Mon Feb 23 2009 - 16:24:25 ARST
By default
On Mon, Feb 23, 2009 at 12:39 PM, Mohamed Tandou <dtandou@gmail.com> wrote:
> Hello GS,
> I tried a reflexive ACL from Soup to Nut. Below are the requirements:
> R1 and R2 belong to companyA.
> R3 and R4 belong to companyB.
> R2 is the border
> router that connects these companies to each otherM> R2 should be configured
> such that it
> allows the return traffic for the following protocols:
> C R2 should allow the return HTTP traffic that is originated locally or by
> R1.
> C R2 should allow the return Telnet traffic that is originated locally or by
> R1.
> C R2 should allow the return FTP traffic that is originated locally or by
> R1.
> C R2 should allow the OSPF traffic into the netw
> i am not using R4 in my scenario and also i am using EIGRP
> Below is my configuration.
> I can telnet from R1 to R3
> I can't telnet from R2 to R3. It is the way it is supposed to be ?
>
> Please let me know
>
> Thanks
>
> Moh
>
>
> R1(fa0/0)-------(fa0/0)R2(fa1/0)-------(fa0/0)R3
>
>
> R2
>
> Int fa1/0
> ip access-group REFLEXIVE-OUT
> ip access-group REFLEXIVE-IN
>
>
> ip access-list extended REFLEXIVE-OUT
> permit tcp any any eq www reflect TEST
> permit tcp any any eq ftp reflect TEST
> permit tcp any any eq telnet reflect TEST
> permit eigrp any any
>
> ip access-list extended REFLEXIVE-IN
> permit eigrp any any
> evaluate TEST
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:12 ARST