Home
Certification Preparation
Cisco
CCNA & CCENT
CCNA Security
Reflexive access list
evarney
I have no idea what the hell this is. What does this do? I don't remember reading about it at all.
Find more posts tagged with
Comments
atorven
I was going to write a whole bunch of stuff but Jeremy Stretch explained it better than I could.
Reflexive access lists - PacketLife.net
One thing that I discovered when testing these ACLs in GNS3 is that the router doing the reflecting cannot reflect its own sourced outbound traffic, just keep that in mind.
docrice
Reflexive ACLs are rarely used in my experience. They're cumbersome to manage, although I use them to a small degree at home. When you have firewalls that can handle stateful inspection processing (rather than just stateful filtering via reflexive ACLs), it's sort of pointless if you don't have at least some degree of application-level inspection involved for dynamic protocols like SIP and FTP.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
