Router Configuration

Unanswered Question
Apr 12th, 2007
User Badges:

I acquired a 2611 (all configurations cleared) and need to set it up between two networks like this:

Eth0/0 (LOCAL):

Eth0/1 (REMOTE):

I need to be able to configure the router so that Eth0/0 can send to Eth0/1, but not vice-versa.

I have configured the two interfaces with the appropriate IP addresses and subnets, but I need assistance on the configuration of the reflexive access list between the two interfaces.

Can anyone help me out with the commands necessary to facilitate this configuration?

Thank you.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sundar.palaniappan Thu, 04/12/2007 - 14:26
User Badges:
  • Green, 3000 points or more

Here's a configuration that would accomplish your requirement. :-) You may have to fine tune it a little bit if you have any other specific requirements

int e0/1

description 'remote'

ip access-group Outbound_ACL out

ip access-group Inbound_ACL in

ip access-list ext Outbound_ACL --> ACL evaluates outbound traffic

permit ip any reflect LAN_Traffic --> defines reflexive ACL named LAN_Traffic

ip access-list ext Inbound_ACL

permit --> optional, if you are running any routing protocol on e0/1 then you would need this statement to allow that traffic.

evaluate LAN_Traffic --> the packet will be evaluated against the reflexive access list and permitted if it was originated from the trusted side (e0/0).




This Discussion