I have a reflective access-list in a switch that doesn't seem to work. What I want is to allow our campus traffic (220.127.116.11/16) to flow freely, and block outside traffic from coming in except for certain users. Allow the inside network (18.104.22.168/24) to go outside without any problems. The problem is that inside users cannot go outside except to our campus network.
You have configured HSRP on the VLAN1 (22.214.171.124/24) interface. Did you configure the reflexive ACL on the other HSRP switch as well? If you didn't, and the other HSRP switch is the active router for VLAN1, then that could be a problem.
Never say reboot the router after configuring something in Cisco. This is not a Microsoft system or a trial and error system!
As for the problem, I really didn't get what you want exactly. However, you should apply the inbound access list (traffic from inside to outside) on the in interface of the VLAN1, because your users' gateway is the VLAN interface and it is preferred to block traffic closest to the source.
As for the outside to inside traffic, it has to be applied on the in interface of the outside interface.
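For reference, a reflexive ACL for the policy described in the question, written as an added example and not taken from any poster's configuration. It uses Cisco's documented internal-interface layout (both ACLs on the VLAN 1 interface); the addresses, ACL names and list name are constructed placeholders, and it assumes the platform supports reflexive ACLs.

```cisco
! Constructed example: every address and name below is a placeholder.
!   inside VLAN 1 subnet : 192.0.2.0/24
!   campus network       : 10.10.0.0/16
!
! Idle reflexive entries are removed after 120 s (the default is 300 s).
ip reflexive-list timeout 120
!
! Packets arriving from inside hosts (VLAN 1, direction "in").
ip access-list extended INSIDE-TO-OUT
 remark Campus destinations need no session tracking
 permit ip 192.0.2.0 0.0.0.255 10.10.0.0 0.0.255.255
 remark Everything else creates a temporary mirror entry in SESSIONS
 permit tcp 192.0.2.0 0.0.0.255 any reflect SESSIONS
 permit udp 192.0.2.0 0.0.0.255 any reflect SESSIONS
 permit icmp 192.0.2.0 0.0.0.255 any reflect SESSIONS
!
! Packets being forwarded to inside hosts (VLAN 1, direction "out").
ip access-list extended OUT-TO-INSIDE
 remark Campus sources are always allowed in
 permit ip 10.10.0.0 0.0.255.255 192.0.2.0 0.0.0.255
 remark Static permits for specific outside users would go here
 remark Return traffic is allowed only if it matches a live session
 evaluate SESSIONS
 deny ip any any log
!
interface Vlan1
 ip access-group INSIDE-TO-OUT in
 ip access-group OUT-TO-INSIDE out
```

Reflexive ACLs only work inside named extended ACLs, and `show access-lists` lists the temporary entries under the reflexive list name while a session is active. The session entries live on the switch that forwarded the outbound packet, so an HSRP peer that receives the return traffic needs the same configuration and will still have no matching entry for sessions it did not see.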