08-22-2015 01:43 AM - edited 03-11-2019 11:28 PM
Hi
I noticed that reflexive ACL are missing on the 4300 routers ( particularly on the IOS 15.4(3)S2 )
The keywords evaluate and reflective are missing there:
# permit ip 10.1.1.0 0.0.0.255 any reflect r-out timeout 300
% Invalid input detected at '^' marker.
# evaluate r-out ^
% Invalid input detected at '^' marker.
R1(config)#ip access-list exte test
R1(config-ext-nacl)#?
Ext Access List configuration commands:
<1-2147483647> Sequence Number
default Set a command to its defaults
deny Specify packets to reject
exit Exit from access-list configuration mode
no Negate a command or set its defaults
permit Specify packets to forward
remark Access list entry comment
The IOS is:
System image file is "bootflash:/isr4300-universalk9.03.13.02.S.154-3.S2-ext.SPA.bin"
Was it replaced by something other ? do you know the workaround ?
Thanks
Solved! Go to Solution.
08-22-2015 10:30 AM
Peter
Just answered a similar question in another forum with the same query.
I haven't used those routers but I did a search on Feature Navigator and there is no mention of reflexive acls for those platforms. It's not always accurate in what it says but it does tie in with what you and the other poster were saying.
I suspect you are meant to ZBFW if you want stateful inspection of traffic on those platforms.
Jon
08-22-2015 10:30 AM
Peter
Just answered a similar question in another forum with the same query.
I haven't used those routers but I did a search on Feature Navigator and there is no mention of reflexive acls for those platforms. It's not always accurate in what it says but it does tie in with what you and the other poster were saying.
I suspect you are meant to ZBFW if you want stateful inspection of traffic on those platforms.
Jon
08-23-2015 02:50 AM
The reflexive ACL feature is not supported in your IOS XE version. You are running 3.13.2S(ED) while reflexive ACL is only supported up to 3.10S.
As Jon has mentioned you will need to use ZBFW.
--
Please remember to select a correct answer and rate helpful posts
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: