O'Reilly logo

CCIE Practical Studies: Security (CCIE Self-Study) by Raymond Morrow, Andrew G. Mason, Dmitry Bokotey

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Reflexive ACLs

You can use the reflexive ACL, also known as IP session filtering, to filter network traffic based on IP upper-layer protocol session information. You can use reflexive ACLs to permit only sessions that originate from within your network while denying sessions that originate from outside your network.

You can only define a reflexive ACL through an extended named IP ACL. You cannot use the numbered or standard named IP ACLs with other protocol ACLs. However, you can use reflexive ACLs in conjunction with other standard and static extended ACLs.

Reflexive ACLs are similar to any other ACL that you can use. Reflexive ACLs contain condition statements that you use to define the criteria for permitting IP packets into your network. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required