I have a router R0 , RO's f0/0 connects to a server 10.1.1.2 and R0 also use the F0/0 as a gre tunnel's source interface . this tunnel's destination is the R3's f0/0 . and 1 smtp server 192.168.1.3 connects to router R3. the server 10.1.1.2 need to connect to the server 192.168.1.3's TCP port 25. and i put a acl on R0's f0/0
ip access-group snmp in
ip access-list extended snmp
permit tcp host 10.1.1.2 host 192.168.1.3 eq 25
there is no other ACL between this 2 servers.
but the server 10.1.1.2 still can not access server 192.168.1.3 by using tcp port 25.
since the tunnel 0 also use f0/0 as source interface , i guess maybe i need to add one more line for ACL snmp
permit tcp host 192.168.1.3 eq 25 host 10.1.1.2.
Please help me for this issue. if my guess is wrong , what is the right sloution .
[toc:faq]The ProblemOn traditional switches whenever we have a trunk
interface we use the VLAN tag to demultiplex the VLANs. The switch needs
to determine which MAC Address table to look in for a forwarding
decision. To do this we require the switch to do...
[toc:faq]Introduction:Netdr is a tool available on a RSP720, Sup720 or
Sup32 that allows one to capture packets on the RP or SP inband. The
netdr command can be used to capture both Tx and Rx packets in the
software switching path. This is not a substitut...
IntroductionOSPF, being a link-state protocol, allows for every router
in the network to know of every link and OSPF speaker in the entire
network. From this picture each router independently runs the Shortest
Path First (SPF) algorithm to determine the b...