Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
321
Views
0
Helpful
3
Replies

access list

acbenny
Level 1
Level 1

‎03-25-2007 08:19 AM - edited ‎03-03-2019 04:17 PM

hi expert,

what is the purpose by adding stablisted in the access list ?

access-list 101 permit tcp any eq telnet host 192.168.1.1

access-list 101 permit tcp any eq telnet host 192.168.1.1 establisthed

Labels:
0 Helpful
3 Replies 3

Danilo Dy
VIP Alumni
VIP Alumni

‎03-25-2007 08:42 AM

This is to permit any packets returning to a host from already establish connections. When the datagram has acknowledged (ACK) or reset (RST) bits set (indicating an established TCP session)

0 Helpful

acbenny
Level 1
Level 1
In response to Danilo Dy

‎03-25-2007 08:45 AM

sorry, can you explain more ? i still not understand

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame

‎03-25-2007 08:46 AM

Hi

The established keyword allows tcp traffic to pass if there is an ACK or RST flag in the packet. If there isn't then the packet will not match that line and will be checked against the rest of the access-list if there are any more entries.

Put simply by using the established keyword you are making sure that the connection has already been initiated and that you are allowing traffic that is part of an already established connection.

What your access-list line says is only allow traffic with a source port of 23 to go through to the host 192.168.1.1 if the host host 192.168.1.1 has already initiated the connection.

HTH

Jon

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card