01-25-2020 04:20 AM - edited 01-25-2020 04:22 AM
Hello everyone,
I have set up 3 networks which are connected through multiple routers. All of them are connected through the RIP protocol.
The connection works fine, I can get from one network to the other ones.
But when I create an extended access-list to define which connection is allowed and which connection should be denied, it works fine for a few minutes (ACL is being applied, Routing works as configured) and then the router where I defined the extended access-list gets its routing table emptied and I can't get to the other networks until I delete the access-list again.
I thought that maybe I should define the routers to use version 2 of RIP and tried the ACL again but it happened again. At this point, I have no idea what could cause this to happen. I tried to google that problem but couldn't find anything, so I open my own thread :)
It would be awesome if someone could help me.
01-25-2020 04:57 AM - edited 01-25-2020 05:00 AM
Hello
@luxgil wrote:
But when I create an extended access-list to define which connection is allowed and which connection should be denied, it works fine for a few minutes (ACL is being applied, Routing works as configured) and then the router where I defined the extended access-list gets its routing table emptied and I can't get to the other networks until I delete the access-list again.
I cannot open your zip file; however, just by what you have stated, it seems to suggest you are denying the RIP protocol, so when this ACL is applied the protocol is prohibited and its routes age out. So append your ACL to allow RIP, then it should work:
access-list xxx
permit udp any any eq rip
01-25-2020 05:18 AM - edited 01-25-2020 05:23 AM
Hello,
have a look at the link below. For each routing protocol, you need to allow routing updates..
https://www.cisco.com/c/en/us/support/docs/ip/access-lists/26448-ACLsamples.html#anc16
EDIT: The correct answer was supplied by Paul while I was looking at your project file...
01-25-2020 04:36 AM
Hello,
post the full configs of the routers including the access list. Is this a Packet Tracer project ? If so, zip and upload the .pkt file...
01-25-2020 05:24 AM - edited 01-25-2020 05:30 AM
Hello Paul,
That seemed to be my problem.
I just allowed and denied the single components from each network but hadn't added the routing updates.
Thanks for your quick response and good help!
EDIT: Thanks to Georg as well for the link, which explains it really well.
EDIT: For some reason the command that worked was:
access-list 102 permit udp any any
And not
access-list 102 permit udp any any eq rip
as the CLI would write: Invalid input detected.
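To make the mechanism behind Paul's answer concrete, here is an added Python model of how an extended ACL is walked top to bottom with the implicit deny at the end; it is not code from this thread or from Cisco, and the ACL entries and addresses are constructed stand-ins, since the poster's actual config is not in the thread. It also shows the difference between the two entries the poster tried: "permit udp any any eq rip" lets only RIP through, while the workaround "permit udp any any" lets every UDP datagram past the ACL.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

RIP_PORT = 520              # RIPv1 and RIPv2 both use UDP port 520
RIPV2_GROUP = "224.0.0.9"   # RIPv2 updates are multicast to this group

@dataclass(frozen=True)
class Ace:
    """One extended ACL entry (CIDR used here instead of IOS wildcard masks)."""
    action: str                  # "permit" or "deny"
    proto: str                   # "ip" matches every protocol
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: Optional[int] = None  # set to model "eq <port>"

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None
ANY = ipaddress.ip_network("0.0.0.0/0")

def matches(ace: Ace, pkt: Packet) -> bool:
    proto_ok = ace.proto == "ip" or ace.proto == pkt.proto
    src_ok = ipaddress.ip_address(pkt.src) in ace.src
    dst_ok = ipaddress.ip_address(pkt.dst) in ace.dst
    port_ok = ace.dport is None or ace.dport == pkt.dport
    return proto_ok and src_ok and dst_ok and port_ok

def evaluate(acl: List[Ace], pkt: Packet) -> str:
    """First matching entry wins; every ACL ends with an implicit deny."""
    for ace in acl:
        if matches(ace, pkt):
            return ace.action
    return "deny"

net = ipaddress.ip_network
# Constructed stand-in for the poster's ACL: only host/subnet traffic is listed,
ORIGINAL_ACL = [
    Ace("permit", "ip", net("192.168.1.10/32"), net("192.168.2.0/24")),
    Ace("deny", "ip", net("192.168.1.0/24"), net("192.168.2.0/24")),
]   # ... so a neighbour's RIP update falls through to the implicit deny.
# Same ACL with the accepted answer's entry (permit udp any any eq rip) on top.
FIXED_ACL = [Ace("permit", "udp", ANY, ANY, RIP_PORT)] + ORIGINAL_ACL
# The poster's workaround (permit udp any any): every UDP datagram passes.
WORKAROUND_ACL = [Ace("permit", "udp", ANY, ANY)] + ORIGINAL_ACL
RIP_UPDATE = Packet("udp", "10.0.0.2", RIPV2_GROUP, RIP_PORT)  # constructed neighbour update
DNS_QUERY = Packet("udp", "192.168.1.50", "192.168.2.53", 53)  # constructed; should stay denied
```

Since RIP runs on UDP port 520, "eq 520" expresses the same narrow rule numerically on a CLI that rejects the rip keyword, which keeps the ACL from opening all of UDP.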