I have IOS firewall on my Cisco 806. IOS firewall dynamically creates ACLs according to traffic coming from the internal LAN. But when the sessions are over, the ACLs are still appearing in my show access-list command, and they don't clear/expire/timeout unless i reboot the router, which I don't like to do. I have timeouts specified for my ip inspect statements, and i set my tcp idle-time, and they still aren't terminating. Do you they up in the list but deactivate after the sessions close or what? I don't want to be permitting traffic for sessions that aren't open any longer, and yet my ACLs are stil here. If you can help, please email zanta@buckeye-express.com