04-08-2008 06:01 AM - edited 03-03-2019 09:27 PM
Is it possible to configure an ACL that will allow internet traffic to come toward the PC's that access the internet only if there has been a request from these PC's (the network inside)?
If yes, how?
What I mean is how can I use the ACL's to minimize the harmful traffic that tries to come inside my internet network, like port scanning or other hacking activity?
Thanks for helping
04-08-2008 06:06 AM
Have a look at reflexive access-lists. They seem to be what you need.
http://www.cisco.com/en/US/docs/ios/12_4/secure/configuration/guide/schreflx.html
Kevin Dorrell
Luxembourg
04-08-2008 06:06 AM
Reflexive ACL is what you need.
Please take a moment to read this document:
http://www.cisco.com/en/US/docs/ios/12_4/secure/configuration/guide/schreflx.html
HTH,
__
Edison.
04-08-2008 06:08 AM
:-)
04-08-2008 06:07 AM
Here is a good link on the different types of ACLs that are available. You may want to look into a reflexive ACL for the type of protection you are requring.
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml#cbac
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide