Reflexive ACL vs Telnet established

From: Carlos Campos Torres (ccampost) (ccampost@cisco.com)
Date: Wed Jun 07 2006 - 15:14:19 ART


Hi all,

Just wondering what the difference between allowing telnet in a
reflexive ACL and just creating an access-list with the established
keyword would be.

Example: In Internetwork Experts Lab 5 Task 9.1 they ask to have telnet
connectivity if a router started the connection.

Option 1)

R2(config)#ip access-list extended INBOUND
R2(config-ext-nacl)#permit tcp any eq telnet any established

Option 2)

R2(config)#ip access-list extended INBOUND
R2(config-ext-nacl)#evaluate REFLECT
R2(config)#ip access-list extended OUTBOUND
R2(config-ext-nacl)#permit tcp any any eq telnet reflect REFLECT

What would be the difference between doing it one way or the other?

Any comments will be highly appreciated.

Thanks!

Carlos Campos
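
Added example, not part of the original post: a simplified Python model of the two options above, run over constructed segments. It assumes that `established` matches any TCP segment with the ACK or RST bit set and that a reflexive entry mirrors the addresses and ports of the outbound flow; the addresses, class and function names are illustrative, and reflexive entry timeouts and teardown are not modelled.

```python
from dataclasses import dataclass

TELNET = 23

@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags carried by the segment, e.g. {"SYN", "ACK"}

def established_permits(seg):
    """Option 1: 'permit tcp any eq telnet any established'.
    Stateless: only the source port and the ACK/RST bits are inspected."""
    return seg.sport == TELNET and bool(seg.flags & {"ACK", "RST"})

class ReflexiveAcl:
    """Option 2: OUTBOUND 'reflect REFLECT' plus INBOUND 'evaluate REFLECT'."""
    def __init__(self):
        self.entries = set()  # temporary entries created by outbound traffic

    def outbound(self, seg):
        if seg.dport != TELNET:
            return False  # implicit deny at the end of OUTBOUND
        # Mirror the flow: source and destination are swapped for the return path.
        self.entries.add((seg.dst, seg.dport, seg.src, seg.sport))
        return True

    def inbound(self, seg):
        # Permitted only when a matching outbound session created an entry.
        return (seg.src, seg.sport, seg.dst, seg.dport) in self.entries

def compare():
    """Return {name: (option1_permits, option2_permits)} for constructed segments."""
    acl = ReflexiveAcl()
    # Constructed sample traffic (documentation address ranges).
    acl.outbound(Segment("10.0.0.2", 40000, "192.0.2.9", TELNET, frozenset({"SYN"})))
    reply = Segment("192.0.2.9", TELNET, "10.0.0.2", 40000, frozenset({"SYN", "ACK"}))
    # ACK-flagged segment from source port 23 with no preceding outbound session.
    unsolicited = Segment("198.51.100.7", TELNET, "10.0.0.5", 5555, frozenset({"ACK"}))
    return {name: (established_permits(s), acl.inbound(s))
            for name, s in (("reply", reply), ("unsolicited", unsolicited))}

if __name__ == "__main__":
    for name, (opt1, opt2) in compare().items():
        print(f"{name:12} established={opt1} reflexive={opt2}")
```

Both options pass the genuine reply; only the `established` entry also passes the segment that belongs to no session the inside ever opened.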


