cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
459
Views
0
Helpful
2
Replies

problem with ACL on Dialer ...

lmignerey
Level 1
Level 1

Hi,

i need to put an ACL for outbound on a router 806 with PPPOE/ADSL.

I try this, for example :

access-list 101 permit ip any any log

interface dialer 1

ip access-group 101 out

I remark :

1 - when I ping from my PC on inside (by 806' interface ethernet 0) to an Public adress on outside (by dialer1 on interface ethernet 1) , all is ok, I verify it with 'show access-list 101' and the ACL is well incremented.

2 -but when i make the same ping, but now directly on vty of my router to the same public adress, all is ok BUT nothing is incremented on 'show ACL 101'.

I think in this case the ACL 101 is bypassed. But I don't understand why ...

(NB : I put also the ACL 101 on interface ethernet 1 out, it's the same problem).

Thank for your help !

Regards,

Luc Mignerey

2 Replies 2

hucuncu
Level 1
Level 1

Acess-lists do not count or apply the access rules for the packets initiated by the router itself.

I hope it is the reason. Have a nicer day..

Onur DC

thanks for your help

But the interest of reflexive access-lists is very poor in this conditions.

Bye

Luc Mignerey