Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
391
Views
1
Helpful
2
Replies

Isr 1100 reflexive ACL

fanciho2
Level 1
Level 1

‎11-26-2024 01:08 AM

Hi, is there a version of ios-xe supporting reflexive access list? I try to migrate a config fotm c897va to a c1117 and the reflexive or evaluate keywords are unknown. (17.12.4 is,on thd device) Or has the syntax changed?

Is there a script to convert such ACLs to use the ios firewall feature, or has someone tips how to transfer functionality?

https://tutuapp.uno/
Labels:
2 Replies 2

MHM Cisco World
VIP
VIP

‎11-26-2024 01:17 AM

you need to use Zone firewall instead 
use class-map inspect the ACL of traffic 
policy-map inspect the class-map above and action will be inspect
zone pair between two interface 

this same as reflexive ACL I think

MHM

0 Helpful

Flavio Miranda
VIP
VIP

‎11-26-2024 03:57 AM

@fanciho2 

 The limitation is related to ISR1100 not with the IOS-XE specifically

0 Helpful
Customers Also Viewed These Support Documents