I have an 1800 series router configured with reflexive ACLs that is working just fine for traffic passing between the internal and external interfaces.
The issue I'm having is that if I ping or use DNS from the IOS command line, the traffic doesn't appear to get added to the reflexive ACL for the inbound interface. It's as if traffic from IOS itself bypasses my outbound ACL. How do I resolve this?
If I just put permit ip any any on the inbound ACL, everything works, but that defeats the purpose of my original reflexive ACL.
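For reference, here is an added example of the setup the question describes, written by the editor rather than taken from the poster's router: a reflexive ACL on the outside interface, the weak `permit ip any any` inbound list shown commented out, and beside it an inbound list that only admits reflected return traffic plus narrow entries for replies to the router's own pings and DNS lookups. Interface names, ACL names, the router's outside address (192.0.2.10) and the DNS server address (203.0.113.53) are assumptions chosen for illustration.

```cisco
! Added example, not the poster's configuration. Interface names, ACL names
! and all addresses below are assumptions (documentation-range placeholders).
! FastEthernet0 = outside (ISP-facing) interface, Vlan1 = inside LAN.

! Outbound ACL on the outside interface: sessions leaving for the Internet
! are reflected into the dynamic list RETURN-TRAFFIC.
ip access-list extended OUTBOUND
 permit tcp any any reflect RETURN-TRAFFIC timeout 300
 permit udp any any reflect RETURN-TRAFFIC timeout 60
 permit icmp any any reflect RETURN-TRAFFIC timeout 30

! Inbound ACL on the outside interface.
! Weak version that "makes everything work" but turns off the stateful filter:
!  permit ip any any
!
! Corrected version: admit only reflected return traffic, plus explicit
! entries for replies to traffic the router itself originates. Packets
! generated by IOS are not evaluated by the interface's outbound ACL, so they
! never create reflexive entries and their replies must be permitted by hand.
! 203.0.113.53 is the server configured with "ip name-server".
ip access-list extended INBOUND
 evaluate RETURN-TRAFFIC
 permit udp host 203.0.113.53 eq domain host 192.0.2.10
 permit icmp any host 192.0.2.10 echo-reply
 permit icmp any host 192.0.2.10 time-exceeded
 permit icmp any host 192.0.2.10 unreachable
 deny ip any any log

interface FastEthernet0
 ip address 192.0.2.10 255.255.255.0
 ip access-group OUTBOUND out
 ip access-group INBOUND in
```

After applying it, `show ip access-lists RETURN-TRAFFIC` shows the dynamic entries created for LAN-originated sessions; a ping or `nslookup`-style lookup from the router itself still adds nothing there, which is expected, and is covered only by the explicit lines under `evaluate`. Keeping those lines host-specific (the router's own outside address as destination, the configured DNS server as source) preserves the point of the reflexive ACL instead of reopening the interface with `permit ip any any`.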