04-12-2007 01:59 PM - edited 03-05-2019 03:26 PM
I acquired a 2611 (all configurations cleared) and need to set it up between two networks like this:
Eth0/0 (LOCAL): 10.20.30.40/255.255.0.0
Eth0/1 (REMOTE): 192.168.1.22/255.255.255.0
I need to be able to configure the router so that Eth0/0 can send to Eth0/1, but not vice-versa.
I have configured the two interfaces with the appropriate IP addresses and subnets, but I need assistance on the configuration of the reflexive access list between the two interfaces.
Can anyone help me out with the commands necessary to facilitate this configuration?
Thank you.
04-12-2007 02:03 PM
Hi,
This link will help
Hope this helps
Shaheen
04-12-2007 02:26 PM
Here's a configuration that would accomplish your requirement. :-) You may have to fine tune it a little bit if you have any other specific requirements
int e0/1
description 'remote'
ip access-group Outbound_ACL out
ip access-group Inbound_ACL in
ip access-list ext Outbound_ACL --> ACL evaluates outbound traffic
permit ip 10.20.0.0 0.0.255.255 any reflect LAN_Traffic --> defines reflexive ACL named LAN_Traffic
ip access-list ext Inbound_ACL
permit
evaluate LAN_Traffic --> the packet will be evaluated against the reflexive access list and permitted if it was originated from the trusted side (e0/0).
HTH
Sundar
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: