[c-nsp] permit tcp any any established on a GSR using Salsa and Compiled
Peter Kranz
pkranz at unwiredltd.com
Wed May 10 15:49:48 EDT 2006
Given the nature of how a GSR processes access lists with Salsa and Compiled
features, does adding the permit tcp any any established line in an access
list like the one below have any impact positive or negative?
access-list 103 permit tcp any any established
access-list 103 deny ip host 0.0.0.0 any
access-list 103 deny ip 127.0.0.0 0.255.255.255 any
access-list 103 deny ip 255.0.0.0 0.255.255.255 any
access-list 103 deny icmp any any fragments
access-list 103 deny icmp any any redirect
access-list 103 deny ip 0.0.0.0 0.255.255.255 any
access-list 103 deny ip 224.0.0.0 31.255.255.255 any
access-list 103 permit ip any any
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-0000
Fax: 510-217-6031
pkranz at unwiredltd.com
More information about the cisco-nsp
mailing list