I'm working on creating an ACL that will drop unwanted internet traffic from hitting our firewall, but I still want to allow traffic in from that subnet if we initiate the traffic out.
I have come up with this ACL. Will it work?
ip access-group web-access-outbound out
ip access-group web-access-inbound in
ip access-group other-web-traffic in
ip access-list extended web-access-outbound
permit ip any any reflect ipoutbound
ip access-list extended web-access-inbound
ip access-list extended other-web-traffic deny X.0.0.0 0.255.255.255 established log
ip access-list extended other-web-traffic permit any
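
For comparison, a sketch of how a reflexive ACL is usually laid out in IOS for the goal described in the post (added example, not part of the original post). The interface name is an assumption, X.0.0.0 is the post's own placeholder, and the ACL names are reused from the post.

```cisco
! Added example. GigabitEthernet0/0 is an assumed name for the
! internet-facing interface.
interface GigabitEthernet0/0
 ! An interface takes one IP access list per direction, so all inbound
 ! rules live in a single list rather than two "in" access-groups.
 ip access-group web-access-outbound out
 ip access-group web-access-inbound in
!
ip access-list extended web-access-outbound
 ! Each outbound session creates a temporary entry in "ipoutbound".
 permit ip any any reflect ipoutbound
!
ip access-list extended web-access-inbound
 ! Return traffic for sessions initiated from inside matches here first.
 evaluate ipoutbound
 ! Anything else sourced from the unwanted subnet is dropped and logged.
 deny ip X.0.0.0 0.255.255.255 any log
 ! Remaining inbound traffic is passed on to the firewall.
 permit ip any any
```

The reflected entries do the session tracking for every protocol, so the `established` keyword (which only matches TCP flags) is not used on the deny line.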