[unisog] Are cisco router VLAN ACL's stateful like a PIX?

Daniel Medina medina at columbia.edu
Tue Feb 1 00:26:58 GMT 2005


On Mon, Jan 31, 2005 at 06:25:25PM -0500, Ryan Dorman wrote:
> ACL's are packet filters, they are not stateful and do not work with 
> any sort of session tracking IIRC. 

 Maybe reflexive access lists might be useful for you?

    Configuring IP Session Filtering (Reflexive Access Lists)
    http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/secur_c/scprt3/screflex.htm

> > Are cisco router VLAN ACL's stateful the  
> >  way the PIX firewall is stateful?  
> >  --  
> > Clyde Hoadley  
> > Security & Disaster Recovery Coordinator  
> >  Department of Information Technology  
> >  Metropolitan State College of Denver  

-- 
Daniel Medina



More information about the unisog mailing list