[c-nsp] cisco ACL filter outbound only
Garrett Skjelstad
garrett at skjelstad.org
Tue Sep 15 12:18:33 EDT 2020
As with all things... Try and it and find out
gns3.com
or
https://developer.cisco.com/modeling-labs/
or
Production
-GarrettSkj
On Tue, Sep 15, 2020 at 9:11 AM Brian Turnbow via cisco-nsp <
cisco-nsp at puck.nether.net> wrote:
>
>
>
> ---------- Forwarded message ----------
> From: Brian Turnbow <b.turnbow at twt.it>
> To: Mike <mike+lists at yourtownonline.com>, "cisco-nsp at puck.nether.net" <
> cisco-nsp at puck.nether.net>
> Cc:
> Bcc:
> Date: Tue, 15 Sep 2020 16:10:01 +0000
> Subject: RE: [c-nsp] cisco ACL filter outbound only
> >
> > Again, the cli seems to indicate support for all the things
> necessary, which
> > includes the idea of 'established', which is why I ask if THIS platform
> does in
> > fact do what the cli suggests:
> >
>
> No it doesn't
> You need to understand what established does.
> It matches TCP datagrams with ACK or RST set . That is it.
> Here is a manual regarding setting up acls that may help you
>
> https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/xe-3s/sec-data-acl-xe-3s-book/sec-create-ip-apply.html
>
> Brian
>
>
>
> ---------- Forwarded message ----------
> From: Brian Turnbow via cisco-nsp <cisco-nsp at puck.nether.net>
> To: Mike <mike+lists at yourtownonline.com>, "cisco-nsp at puck.nether.net" <
> cisco-nsp at puck.nether.net>
> Cc:
> Bcc:
> Date: Tue, 15 Sep 2020 16:10:01 +0000
> Subject: Re: [c-nsp] cisco ACL filter outbound only
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list