Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
475
Views
0
Helpful
1
Replies

Difference between CBAC and Reflexive access-list

m.mohanasundaram
Level 1
Level 1

‎04-10-2003 08:23 PM - edited ‎02-20-2020 09:21 PM

Can anyone tell me the difference between the CBAC and Reflexive Access-list. Their purpose look identical to me, but the commands are different.

Any help would be highly appreciated.

Thank you.

Mohan

Labels:
0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎04-10-2003 10:13 PM

CBAC turns your router into a stateful device, so it doesn't just update the access-list to allow return traffic back in (like reflexive ACL's do), it keeps track of the state of the connection, monitoring ACK/SEQ numbers in TCP packets, etc. Go with CBAC over reflexive ACL's any day, much more secure.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents