I am using the Cisco Network Simulator and I got stuck on the following problem with ACL and OSPF. The lab is as follows:
PC1-R1 is on the 192.168.1.16/28 network (R1 has 192.168.1.17)
R1-R2 is on the 192.168.1.4/30 network
R2-PC2 is on the 192.168.1.32/27 network (R2 has 192.168.1.32)
R1 is using S0/0/0 and R2 is using S0/0/1
The lab is preconfigured with all the IPs and OSPF. The condition is to set an ACL to block TELNET traffic from PC2 to the R1-PC1 network and permit all other traffic.
Following the instructions, the ACL was set up like this:
access-list 100 deny tcp 192.168.1.32 0.0.0.31 192.168.1.16 0.0.0.15 eq 23
access-list 100 permit ip 192.168.1.32 0.0.0.31 192.168.1.16 0.0.0.15
on R2 s0/0/1 -> ip access-group 100 out.
Once I do this, OSPF stops sending Hellos. If I apply the ACL on F0/0 in, OSPF works.
My question here is, why does OSPF stop sending Hellos on S0/0/1 once the ACL is applied?
Am I missing something here, or is the example wrong?
Should it be F0/0 instead of S0/0/1 to fulfill the requirements?
Shouldn't the ACL ignore locally generated traffic?
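
An added example, not part of the original post: a small first-match evaluator run over ACL 100 as posted, showing that an OSPF hello (IP protocol 89, sent to 224.0.0.5) matches neither entry and therefore reaches the implicit deny wherever the ACL is evaluated against it. The PC addresses, the R2 serial address 192.168.1.6 and the "permit ip any any" comparison variant are assumptions, not values from the post.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")
PC2_NET = ("192.168.1.32", "0.0.0.31")
PC1_NET = ("192.168.1.16", "0.0.0.15")

# ACL 100 as posted: (action, protocol, source, destination, destination port)
ACL_100 = [
    ("deny", "tcp", PC2_NET, PC1_NET, 23),
    ("permit", "ip", PC2_NET, PC1_NET, None),
]
# Comparison only (not from the post): last entry widened to "permit ip any any"
ACL_100_ANY = [ACL_100[0], ("permit", "ip", ANY, ANY, None)]

# Constructed packets: (protocol, source, destination, destination port)
TELNET = ("tcp", "192.168.1.34", "192.168.1.18", 23)
HTTP = ("tcp", "192.168.1.34", "192.168.1.18", 80)
OSPF_HELLO = ("ospf", "192.168.1.6", "224.0.0.5", None)  # IP protocol 89


def wildcard_match(addr, spec):
    """Cisco wildcard match: bits set to 1 in the wildcard are ignored."""
    base, wildcard = (int(ipaddress.IPv4Address(x)) for x in spec)
    care = ~wildcard & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (base & care)


def evaluate(acl, packet):
    """First-match evaluation; returns (action, entry number or None)."""
    proto, src, dst, dport = packet
    for number, (action, ace_proto, ace_src, ace_dst, ace_port) in enumerate(acl, 1):
        if ace_proto not in ("ip", proto):
            continue
        if not (wildcard_match(src, ace_src) and wildcard_match(dst, ace_dst)):
            continue
        if ace_port is not None and ace_port != dport:
            continue
        return action, number
    return "deny", None  # implicit "deny ip any any" that ends every ACL


if __name__ == "__main__":
    for name, acl in (("as posted", ACL_100), ("permit ip any any", ACL_100_ANY)):
        for label, pkt in (("telnet", TELNET), ("http", HTTP), ("ospf hello", OSPF_HELLO)):
            print(f"{name:18} {label:11} -> {evaluate(acl, pkt)}")
```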