Solved: Reflexive ACL with port forwarding

zarni tun · ‎10-19-2015

Can I use Reflexive ACL with port forwarding to listen incoming traffic towards inside web server?

Jon Marshall · ‎10-19-2015

Do you mean use reflexive acl for traffic going out to the internet from internal clients to allow return traffic back in and at the same time allow connections from outside to a specific inside server for certain ports ?

If so yes you should be able to do that.

Basically your acl applied inbound on your outside interface would allow the traffic to your web server and nothing else and the reflexive acl part then adds temporary entries to that acl for return traffic to clients.

Is this what you are asking ?

Jon

View solution in original post

Ganesh Hariharan · ‎10-19-2015

Can I use Reflexive ACL with port forwarding to listen incoming traffic towards inside web server?

Hi Zarni,

Reflexive ACL are known as IP session filtering which work in conjunction with ip extended named ACL.

For doing port forwarding using ACL on router, check out the below link for more information.

https://supportforums.cisco.com/discussion/11835581/port-forwarding-access-list

Hope it Helps..

-GI

Rate if it Helps..

Jon Marshall · ‎10-19-2015

Do you mean use reflexive acl for traffic going out to the internet from internal clients to allow return traffic back in and at the same time allow connections from outside to a specific inside server for certain ports ?

If so yes you should be able to do that.

Basically your acl applied inbound on your outside interface would allow the traffic to your web server and nothing else and the reflexive acl part then adds temporary entries to that acl for return traffic to clients.

Is this what you are asking ?

Jon