I work in healthcare and our rules on access through our WAN/Internet connections are quite strict. We do, however, have one issue I've not been able to work around.
We are using Cisco ISRs (in this example a 2851), all with firewall and IPS enabled.
For outbound traffic, I can create a rule on the access list and traffic is permitted out, and the return traffic is permitted inbound.
However, if I create a rule for inbound traffic, the ISR is not creating the dynamic rule for the return traffic, and I'm having to manually add a matching outbound rule for every inbound connection. Is there any way around this other than having permit ip any any as the last rule, which I'm not permitted to do?
Any help much appreciated.