From: Hunt Lee (huntl@webcentral.com.au)
Date: Mon Oct 14 2002 - 00:36:19 GMT-3
I think the "established" keyword means to only allow traffic that already
have the TCP session estalished.
Please correct me if i am wrong.
Hunt
-----Original Message-----
From: James [mailto:kang_z@hotmail.com]
Sent: Monday, 14 October 2002 10:20 AM
To: ccielab@groupstudy.com
Subject: keyword "established" in access-list
hi all
a simple question but confuse me long time.
topoloy is like:
R2(s1)---------------------(s1)R1(e0)-------------(e)R4
172.16.21.0 192.168.1.0/24
i applied a access-list on R1's s1, as follow:
interface Serial1
ip address 172.16.21.1 255.255.255.0
ip access-group allow_telnet in
ip access-list extended allow_telnet
permit ospf any any
permit icmp any any echo
permit icmp any any echo-reply
permit tcp host 192.168.0.190 any eq telnet established log
i can not telnet between R2 and R4 on both direction. so how to use
established to control the session.
thanks in advance
james
This archive was generated by hypermail 2.1.4 : Tue Nov 05 2002 - 08:35:46 GMT-3