Reflexive access-lists are Cisco’s answer to some security guys about their access-lists and the “established” option.
For example, let's say we have the following scenario:
[LAN: 2.2.2.0/24]---(R1)---{INTERNET}
Let's say I have “Serial 0/0” as my T1 to the Internet and I want to block access to my LAN except for WWW to my web server 2.2.2.2. (The [...]
Archive of posts filed under the reflexive access-lists category.

