[unisog] Are cisco router VLAN ACL's stateful like a PIX?

Julian Y. Koh kohster at northwestern.edu
Mon Jan 31 23:44:44 GMT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 18:25 -0500 01/31/2005, Ryan Dorman wrote:
>ACL's are packet filters, they are not stateful and do not work with any
>sort of session tracking IIRC.

Note that you can use the incredibly cheesy "established" keyword in an ACL
rule to get you a little bit closer to firewall functionality, but that's
definitely not stateful.


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html>

iQA/AwUBQf602w5UB5zJHgFjEQKSuACffb4TTqwZXvN9UYSOY9WhHNweZmwAn2BN
a1QXXGxN3TBFey+ncGU5N042
=OQSX
-----END PGP SIGNATURE-----

-- 
Julian Y. Koh                         <mailto:kohster at northwestern.edu>
Network Engineer                                   <phone:847-467-5780>
Telecommunications and Network Services         Northwestern University
PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html>



More information about the unisog mailing list