'established' vs. reflexive acl

From: John Matus (john_matus@hotmail.com)
Date: Wed Mar 02 2005 - 16:29:13 GMT-3

• Next message: Scott Morris: "RE: 'established' vs. reflexive acl"
• Previous message: Roy Dempsey: "Re: show dtp [bcc][faked-from][bayes]"
• Next in thread: Scott Morris: "RE: 'established' vs. reflexive acl"
• Maybe reply: Scott Morris: "RE: 'established' vs. reflexive acl"
• Maybe reply: Jeremy: "Re: 'established' vs. reflexive acl"
• Maybe reply: John Matus: "RE: 'established' vs. reflexive acl"
• Maybe reply: John Matus: "Re: 'established' vs. reflexive acl"
• Maybe reply: Scott Morris: "RE: 'established' vs. reflexive acl"
• Maybe reply: Dave Meyer: "Re: 'established' vs. reflexive acl"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

i'm a bit confused about the difference between the following 2 ACL's.

int e0/0
ip access-group 101 in
access-list 101 permit tcp any any eq telnet established

AND

int e0/0
ip access-group inbound in
ip access-group outbound out

access-l extended inbound
  permit tcp any any eq telnet
  evaluate myreflect

access-l extended outbound
  permit tcp any any reflect myreflect

does the established keyword only allow a session that was initiated
outbound then return inbound?

• Next message: Scott Morris: "RE: 'established' vs. reflexive acl"
• Previous message: Roy Dempsey: "Re: show dtp [bcc][faked-from][bayes]"
• Next in thread: Scott Morris: "RE: 'established' vs. reflexive acl"
• Maybe reply: Scott Morris: "RE: 'established' vs. reflexive acl"
• Maybe reply: Jeremy: "Re: 'established' vs. reflexive acl"
• Maybe reply: John Matus: "RE: 'established' vs. reflexive acl"
• Maybe reply: John Matus: "Re: 'established' vs. reflexive acl"
• Maybe reply: Scott Morris: "RE: 'established' vs. reflexive acl"
• Maybe reply: Dave Meyer: "Re: 'established' vs. reflexive acl"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Apr 03 2005 - 17:56:39 GMT-3