10-11-2010 01:11 PM - edited 03-04-2019 10:04 AM
I want to apply an ACL on my router so that the outer world would be able to access the inside hosts on some specific ports and the internal servers will reply back. Also, the internal servers should be able to access the outer world on all ports without any issues.
So should I use a reflex access list for this?
ip access-list extended port_allow
permit tcp any XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX eq 10111 reflect create-reflex-list
permit tcp any XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX eq 10112 reflect create-reflex-list
permit icmp any any echo-reply
deny ip any any
10-11-2010 04:51 PM
You do not need reflexive ACL for that.
10-11-2010 05:14 PM
So you recommend that I not use reflex, and if I block the inside access, everything outbound will work fine?
10-11-2010 05:15 PM
Also, should I mention any particular command to allow all outbound access?