Router IOS Firewall: Allow only internal hosts to initiate a TCP session. 
InternalHosts<--e1(Router)e0-->RemoteNetworks

! Matches only TCP segments with the ACK or RST bit set (replies to sessions
! the inside opened) sent to a destination port above 1023; everything else
! falls through to the implicit deny ip any any at the end of the list.
access-list 100 permit tcp any any gt 1023 established

interface e0
 ip access-group 100 in


"UDP packets don't establish a connection, they're literally fire and forget! A simple permit udp host xx.xx.xx.xx host xx.xx.xx.xx eq xx should be all that's required."
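How the router decides, as an added Python model that is not Cisco code or part of the original note: `established` matches a TCP segment only when its ACK or RST bit is set, UDP has no flags so the quoted `permit udp host ... host ... eq ...` line is plain address and port matching, and anything unmatched hits the implicit deny. The hosts, ports and packets are constructed for the example; because the check is stateless, an inbound segment carrying ACK to a high port is permitted whether or not an inside host actually opened the session, which is the gap reflexive ACLs and ip inspect close.

```python
"""Model of how IOS evaluates the ACLs from this note, packet by packet.

Added example, not Cisco code. 'established' matches a TCP segment only when
its ACK or RST bit is set; UDP has no flags, so the quote's
'permit udp host A host B eq P' ACE is plain address/port matching. Every
IOS ACL ends with an implicit 'deny ip any any'. Addresses are constructed.
"""
from dataclasses import dataclass

SYN, RST, ACK = 0x02, 0x04, 0x10


@dataclass(frozen=True)
class Packet:
    proto: str       # "tcp" or "udp"
    src: str
    dst: str
    dport: int
    flags: int = 0   # TCP flag bits; unused for UDP


def tcp_any_any_gt_established(pkt: Packet, port: int) -> bool:
    """ACE: permit tcp any any gt <port> established."""
    return pkt.proto == "tcp" and pkt.dport > port and bool(pkt.flags & (ACK | RST))


def udp_host_host_eq(pkt: Packet, src: str, dst: str, port: int) -> bool:
    """ACE: permit udp host <src> host <dst> eq <port>."""
    return pkt.proto == "udp" and pkt.src == src and pkt.dst == dst and pkt.dport == port


def evaluate(pkt: Packet) -> str:
    """access-list 100 from the note plus the quote's UDP line, using the
    constructed hosts 203.0.113.5 -> 192.0.2.10 port 514 (a syslog feed)."""
    if tcp_any_any_gt_established(pkt, 1023):
        return "permit"
    if udp_host_host_eq(pkt, "203.0.113.5", "192.0.2.10", 514):
        return "permit"
    return "deny"   # implicit deny ip any any at the end of every IOS ACL


if __name__ == "__main__":
    inbound = [
        Packet("tcp", "203.0.113.7", "192.0.2.10", 80, SYN),           # new session from outside -> deny
        Packet("tcp", "203.0.113.7", "192.0.2.10", 49152, SYN | ACK),  # reply to inside's SYN -> permit
        Packet("tcp", "203.0.113.7", "192.0.2.10", 49152, ACK),        # stateless: permitted regardless
        Packet("udp", "203.0.113.5", "192.0.2.10", 514),               # matches the UDP ACE -> permit
        Packet("udp", "203.0.113.9", "192.0.2.10", 514),               # wrong source host -> deny
    ]
    for pkt in inbound:
        print(f"{pkt.proto} {pkt.src} -> {pkt.dst}:{pkt.dport} flags=0x{pkt.flags:02x}: {evaluate(pkt)}")
```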

-------------------------------------------------------------
See Cisco document id 26448


Also see:

Reflexive ACLs
ip inspect command.



2024 By Angel Cool