[j-nsp] Cisco Reflexive Access-list
Alex
alex.arseniev at gmail.com
Mon Apr 26 15:00:53 EDT 2010
Hello there,
What You are asking is:
Not possible without AS-PIC on M/T-series
Not possible without MS-DPC on MX
Possible on J-series in packet-mode with SFW policies
Possible on J-series or SRX, in flow mode.
Regards
Alex
----- Original Message -----
From: "Juan C. Crespo R." <jcrespo at ifxnw.com.ve>
To: <juniper-nsp at puck.nether.net>
Sent: Monday, April 26, 2010 2:57 AM
Subject: [j-nsp] Cisco Reflexive Access-list
> Guys
>
> I have been trying to find a translation of this Cisco feature but is
> almost impossible to find it, so please give me a hand
>
> IP access-list extended OUTBOUND
> permit tcp any any reflect
> permit udp any any reflect
> permit icmp any any reflect
>
> ip access-list extended INBOUND
> evaluate OUTBOUND
>
> inter serial 0/0/1
> ip add 10.0.0.1 255.255.255.252
> ip access-list extended INBOUND in
> ip access-list extended OUTBOUND out
>
>
>
>
> Thanks
>
> JC
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list