From: Paul Borghese (pborghese@groupstudy.com)
Date: Fri Oct 18 2002 - 00:41:41 GMT-3
They both are "stateful" just Reflexive access-lists do not have
application layer technology. They just open up a hole in the
access-list to allow the response from an inside connection. The
response must be using the same ports as the initial connection.
Take care,
Paul Borghese
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Desimone, Aurelio
Sent: Thursday, October 17, 2002 10:25 AM
To: 'Sam.MicroGate@usa.telekom.de'; ccielab@groupstudy.com
Subject: RE: Reflexive AL and CBAC
I'm not positive, but I was under the impression that CBAC does
statefull
inspection where reflexive just times-out with inactivity
Aurelio
10267
-----Original Message-----
From: Sam.MicroGate@usa.telekom.de [mailto:Sam.MicroGate@usa.telekom.de]
Sent: Thursday, October 17, 2002 8:36 AM
To: ccielab@groupstudy.com
Subject: Reflexive AL and CBAC
Hello everyone,
Can someone tell the main difference between the reflexive access list
and
class based access control? They seem very similar to me. The same use
and
the concept. The both filter traffic at the edge of the network. Only
traffic that originated from the inside will pass to the outside unless
you
configure otherwise. Thanks.
Sam
This archive was generated by hypermail 2.1.4 : Tue Nov 05 2002 - 08:35:50 GMT-3