I would say it could be extremely easy to accomplished if you replace your 2800 router with a Cisco ASA firewall. But that was not what you asking. AFAIK, established option in cisco router ios could only apply to tcp connections so udp and icmp are still permitted even your configuration works.
to verify if established option works you could try to deny your telnet/ssh/remote desktop into your cisco device or windows server/pc in another subnet:
ip access-list extended TEST_EST
deny tcp host YOUR_CISCO_DEVICE host YOUR_PC eq 23 established
#deny TCP establishment between test device and your pc. change 23 to different port numbers if you want to try with other protocol. 80 for web, 3389 for remote desktop
permit ip any any
permit icmp any any
#this two lines are used so that end user will not be disconnected from network
then apply this access-list to the subinterface where target device locates
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.