Cisco Support Community
Community Member

Port Triggering

Just wanted to verify that this is how to accomplish port triggering under IOS:

https://supportforums.cisco.com/thread/32968

Also, if wanting to trigger multiple ports, just adding another line to the ACL is sufficient, or specifying "range", whether it's TCP or UDP. As in, no need to create a new ACL for every port that you want forwarded, and with it a new route-map.

Thanks!

2 REPLIES
Community Member

Port Triggering

Will reflexive ACLs accomplish port triggering for, say, Xbox Live, MMORPGs, or any other program where multiple users on the same network may require the inbound ports to be dynamically allowed through the router once a session has been initiated by an internal user?

Obviously restricting which ports can be dynamically "reflected".

Found this link:

http://www.netcraftsmen.net/resources/archived-articles/432.html

Community Member

Port Triggering

I think I'm on the right track, but the next question I have, because I have PAT being used on my WAN interface, is the placement of my temporary ACL. The outbound ACL for monitoring, if placed on the outbound for that interface, should be looking at the ip:port post-PAT, correct? So, should I be placing the outbound temporary ACL on my internal interface, and the inbound ACL on the WAN interface? Or am I just completely lost?

Thanks!
