Extended ACL problem

rlvovskiy
Level 1

I applied an extended access-list for the incoming traffic on a 2511-RJ router running 12.2(13B) OS. I have the autotelnet command configured on the Async line of the router that originates outgoing traffic, and as soon as I apply the ACL to the interface, my outgoing telnet session dies. The default route is configured statically on the router. Any ideas why it happens and how to resolve it?


Hello,

Can you post your config?

Regards,

GP

Not allowed to, sorry. But it is very simple: Ethernet0 has an IP address, IP default gateway is on the same network, and Async line 3 and 4 have autotelnet configured.

You have not given us much information to work with. But I will take a guess based on what I understand so far. I guess that your outgoing telnet dies because the access list you have applied inbound does not permit the response traffic coming back to your telnet.

Can you check on this. And if it is not the answer then you need to find a way to give us more information to work with.

HTH

Rick

It looks like you are correct. I issued a command on the router - show TCP brief - and noticed that high port numbers were used for my telnet session. After debugging IP packets I confirmed that TCP ACKs for my telnet session are, of course, blocked by my access list since I allow only port 23 and TCP ACKs arrive on the same high port it originated on.

Thank you very much for your help. I guess I do need a push to start thinking.

Best regards,

Roman
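
The behaviour diagnosed above, as an added example that is not part of any poster's message: a small Python model of first-match, stateless extended ACL evaluation, showing why an inbound list that only permits destination port 23 drops the replies to an outgoing telnet session, and how a rule using the IOS `established` keyword (matches only segments with ACK or RST set) lets them back in. The thread never shows the real access list, so the rules, ACL number 101 and port numbers are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Segment:
    src_port: int
    dst_port: int
    flags: frozenset  # TCP flags set on the segment, e.g. {"SYN", "ACK"}

@dataclass(frozen=True)
class Rule:
    action: str                     # "permit" or "deny"
    src_port: Optional[int] = None  # None means "any"
    dst_port: Optional[int] = None
    established: bool = False       # IOS keyword: match only if ACK or RST is set

    def matches(self, seg: Segment) -> bool:
        if self.src_port is not None and seg.src_port != self.src_port:
            return False
        if self.dst_port is not None and seg.dst_port != self.dst_port:
            return False
        if self.established and not (seg.flags & {"ACK", "RST"}):
            return False
        return True

def evaluate(acl, seg):
    """First matching rule wins; an extended ACL ends in an implicit deny."""
    for rule in acl:
        if rule.matches(seg):
            return rule.action
    return "deny"

# Assumed original list:  access-list 101 permit tcp any any eq 23
ORIGINAL_ACL = [Rule("permit", dst_port=23)]
# Assumed added line:     access-list 101 permit tcp any eq 23 any established
FIXED_ACL = ORIGINAL_ACL + [Rule("permit", src_port=23, established=True)]

# Constructed segments arriving inbound on Ethernet0; 11002 is a made-up high port.
SYN_ACK_REPLY = Segment(23, 11002, frozenset({"SYN", "ACK"}))  # server's handshake reply
DATA_REPLY = Segment(23, 11002, frozenset({"ACK", "PSH"}))     # server's data
INBOUND_TELNET = Segment(40000, 23, frozenset({"SYN"}))        # new telnet to the router
BARE_SYN_FROM_23 = Segment(23, 11002, frozenset({"SYN"}))      # not part of any session

def verdicts(acl):
    """Verdict for each constructed segment, in the order declared above."""
    segs = (SYN_ACK_REPLY, DATA_REPLY, INBOUND_TELNET, BARE_SYN_FROM_23)
    return [evaluate(acl, s) for s in segs]

if __name__ == "__main__":
    print("original:", verdicts(ORIGINAL_ACL))
    print("fixed:   ", verdicts(FIXED_ACL))
```

The last segment stays denied under both lists: `established` is a flag check, not connection tracking, so it admits return traffic without opening the high ports to new connections.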

I am glad that we were able to help resolve your problem.

This is typical of the kind of thing that we need to think about as we deploy access lists in the network.

Best wishes as you continue to develop your networking skills.

HTH

Rick
