[c-nsp] Virtual-Access Interfacse doesn't forward traffic
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Tue Feb 8 13:15:54 EST 2005
Marco,
> i have a very strange problem with a Virtual-Access Interface, which
> is used for a dial-backup. If the CPE is connected to the LNS, ICMP
> traffic is forwarded, but if i try to ssh/ telnet to the router,
> nothing is send to the CPE. If i put an ACL on the Virtual-Template,
> which explict allows the telnet traffic to the IP, it works ....
>
> With this ACL attached to the VT, it works:
>
> Extended IP access list gna
> 10 permit ip any host $hostip log
> 20 permit ip any any
You punt the traffic to the process path (using "log" keyword), which
changes things..
> interface Virtual-Template5
[..]
> ip tcp adjust-mss 1402
possibly some issues related to adjust-mss? This would explain why you
pass ICMP, but no TCP traffic? Does UDP work?
Can you open a SR to have TAC take a closer look at this?
oli
More information about the cisco-nsp
mailing list