Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CSS ACL's

Does anyone know if CSS ACL's are stateful connections once a flow has been created ? eg If i make a connection which looks at the acl clause and i am permitted (which creates a flow) are subsequent packets checked at acl's or does it use the flow therfore bypassing the acl.

  • Application Networking
1 REPLY
Cisco Employee

Re: CSS ACL's

first FCB check then ACL.

So once a flow is created there is no ACL check.

But the ACL is pretty basic - just checking Layer 3 and Layer 4 - so if the first packet is permitted all other packets should also be permitted.

Gilles.

102
Views
0
Helpful
1
Replies