Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Router Configuration

I acquired a 2611 (all configurations cleared) and need to set it up between two networks like this:

Eth0/0 (LOCAL): 10.20.30.40/255.255.0.0

Eth0/1 (REMOTE): 192.168.1.22/255.255.255.0

I need to be able to configure the router so that Eth0/0 can send to Eth0/1, but not vice-versa.

I have configured the two interfaces with the appropriate IP addresses and subnets, but I need assistance on the configuration of the reflexive access list between the two interfaces.

Can anyone help me out with the commands necessary to facilitate this configuration?

Thank you.

2 REPLIES

Re: Router Configuration

Re: Router Configuration

Here's a configuration that would accomplish your requirement. :-) You may have to fine tune it a little bit if you have any other specific requirements

int e0/1

description 'remote'

ip access-group Outbound_ACL out

ip access-group Inbound_ACL in

ip access-list ext Outbound_ACL --> ACL evaluates outbound traffic

permit ip 10.20.0.0 0.0.255.255 any reflect LAN_Traffic --> defines reflexive ACL named LAN_Traffic

ip access-list ext Inbound_ACL

permit --> optional, if you are running any routing protocol on e0/1 then you would need this statement to allow that traffic.

evaluate LAN_Traffic --> the packet will be evaluated against the reflexive access list and permitted if it was originated from the trusted side (e0/0).

HTH

Sundar

94
Views
0
Helpful
2
Replies