ACL Port Screening

Status
Not open for further replies.

84112000

MIS
Jul 25, 2004
33
US
Could someone please help? I need to allow all traffic from Router A (host) to Router B (remote) but would like just a certain port coming back from remote B to host A. Following is my configuration:
At the Host
access-list 101 permit tcp any any eq 1448

int s1
ip access-group 101 in

With this configuration, at the host I cannot telnet to the remote. How do I resolve this?

Thanks,
 
You need to think about this more..

Saying you don't want any traffic to come back, does that mean all, or just traffic initiated from the remote side??

If so, you need to look at some firewall IOS, or set up established access-lists to allow the return traffic..

BuckWeet
 
Thanks for the response. As mentioned, I'd like to allow a few identified ports coming back from remote to host. You're right, it's acting almost like a firewall. And it's working with this scenario. But what I cannot make run is traffic initiated from the host (i.e. Telnet). Please help.
 
Well, I got it running now. I added the "established" option at the end of the access-list statement and this will allow all processes initiated from inside the Host router (Telnet). One small problem is that it's so slow getting a response back while trying to Telnet to a server sitting at the remote site. Any ideas?
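
The following is an added example, not part of the thread: a small Python model of how access-list 101, applied inbound on s1, treats return traffic with and without an `established` entry. It assumes the fix was a separate `permit tcp any any established` line (the thread does not show the final config); all packets and Python names are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    proto: str                        # "tcp" or "udp"
    sport: int
    dport: int
    flags: frozenset = frozenset()    # TCP flags, e.g. {"SYN", "ACK"}

@dataclass(frozen=True)
class Entry:
    action: str                       # "permit" or "deny"
    proto: str
    dport: Optional[int] = None       # "eq <port>" on the destination; None = any
    established: bool = False         # IOS "established": ACK or RST bit is set

    def matches(self, p: Packet) -> bool:
        return (p.proto == self.proto
                and (self.dport is None or p.dport == self.dport)
                and (not self.established or bool(p.flags & {"ACK", "RST"})))

def evaluate(acl, pkt):
    """First matching entry wins; anything unmatched hits the implicit deny."""
    for entry in acl:
        if entry.matches(pkt):
            return entry.action
    return "deny"

# access-list 101 as posted in the question
ORIGINAL = [Entry("permit", "tcp", dport=1448)]
# Assumed form of the fix: an extra "permit tcp any any established" line
FIXED = ORIGINAL + [Entry("permit", "tcp", established=True)]

# Constructed packets arriving on s1 from the remote side
TELNET_REPLY = Packet("tcp", 23, 40001, frozenset({"SYN", "ACK"}))  # reply to host's telnet
REMOTE_SYN = Packet("tcp", 40002, 23, frozenset({"SYN"}))           # remote-initiated telnet
APP_1448 = Packet("tcp", 40003, 1448, frozenset({"SYN"}))           # the port allowed back
DNS_REPLY = Packet("udp", 53, 40004)                                # non-TCP return traffic
ACK_NO_SESSION = Packet("tcp", 40005, 23, frozenset({"ACK"}))       # ACK set, no session

if __name__ == "__main__":
    samples = {"telnet reply": TELNET_REPLY, "remote SYN": REMOTE_SYN,
               "port 1448": APP_1448, "DNS reply": DNS_REPLY,
               "ACK, no session": ACK_NO_SESSION}
    for name, pkt in samples.items():
        print(f"{name:16} original={evaluate(ORIGINAL, pkt):7} fixed={evaluate(FIXED, pkt)}")
```

The last two packets show the limits of this approach: `established` matches on TCP flag bits only and does not track sessions, and UDP replies still fall through to the implicit deny, which is why the firewall IOS feature set was suggested as the alternative.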
 