Cisco Support Community
New Member

Reflexive Access Lists

Hi Gurus,

My reflexive access list is not working. Do you have any idea about it? Did I do the wrong config?

* I just want my telnet session reflected in the ACL.

ip access-list extended OUTR2
 permit tcp any any eq telnet reflect test
 deny ip any any

ip access-list extended INR2
 evaluate test
 deny ip any any

interface Ethernet0/0
 ip address
 ip access-group INR2 in
 ip access-group OUTR2 out

Hall of Fame Super Silver

Re: Reflexive Access Lists

Hello William,

The first thing to do is to decide whether your scenario requires configuration on an internal interface (internal LAN) or an external interface.

In the case of an internal interface, which could fit your case:

Internal Interface Configuration Task List

To configure reflexive access lists for an internal interface, perform the following tasks:

1. Defining the reflexive access list(s) in an inbound IP extended named access list

2. Nesting the reflexive access list(s) in an outbound IP extended named access list

3. Setting a global timeout value


So probably you should try the opposite of what you have done.

Hope to help
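
The three internal-interface tasks from the reply above, written out as IOS configuration. This is an added example, not part of either post: the ACL names INSIDE-IN and INSIDE-OUT and the 120-second timeout are assumptions, while the reflexive list name `test` and interface Ethernet0/0 are taken from the question.

```cisco
! Added example. ACL names and the timeout value are assumptions, not from the thread.
!
! Task 1: define the reflexive list in the INBOUND extended named ACL.
! A telnet session entering the interface creates a temporary entry in "test".
ip access-list extended INSIDE-IN
 permit tcp any any eq telnet reflect test
 deny ip any any
!
! Task 2: nest the reflexive list in the OUTBOUND extended named ACL.
! Only return packets matching a live entry in "test" are permitted.
ip access-list extended INSIDE-OUT
 evaluate test
 deny ip any any
!
! Task 3: set the global idle timeout (seconds) for reflexive entries.
ip reflexive-list timeout 120
!
! Apply both ACLs to the internal interface (address line left as in the question).
interface Ethernet0/0
 ip access-group INSIDE-IN in
 ip access-group INSIDE-OUT out
!
! Check from exec mode while a session is open:
!   show ip access-lists
! The reflexive list "test" should show a temporary permit entry for the session.
```

If no temporary entry appears under `test`, the initiating packet never matched the `reflect` line, so check which direction the session actually crosses the interface. Packets generated by the router itself are not checked by its outbound ACLs, so a telnet started from the router does not exercise an outbound `reflect` entry.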

