Established in Access List configuration

After the TCP three-way handshake, every subsequent TCP segment of that session carries at least the ACK bit. The "established" keyword on an ACL prevents pre-existing TCP sessions that are built across the router from being torn down when the ACL is applied to an interface.

For example,

access-list 101 permit tcp any 202.224.119.0 0.0.0.255 established

This access control list simply permits established traffic from anywhere to all hosts within the 202.224.119.0 network. The "established" keyword checks the ACK bit; if it is set, the traffic passes through the router, irrespective of whether an ACL entry further down the list would deny it.

The established keyword can also be combined with a specific source or destination port. For example,

access-list 101 permit tcp any 202.224.119.0 0.0.0.255 eq 80 established
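To make the matching rules concrete for both entries above (the port-less one and the "eq 80" one), here is an added Python model of how a router walks an extended ACL that uses "established". It is illustrative code written for this note, not Cisco's implementation; the parser only understands the "access-list N permit|deny tcp ..." shape used on this page, the wildcard-to-netmask conversion and the first-match-then-implicit-deny walk follow documented IOS behaviour, and the flag test also accepts RST, which IOS counts alongside ACK. All addresses and segments are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed, simplified model of IOS extended-ACL evaluation with "established".
# Illustration only; not Cisco code.

TCP_SYN = 0x02
TCP_RST = 0x04
TCP_ACK = 0x10


@dataclass
class Segment:
    src: str
    dst: str
    sport: int
    dport: int
    flags: int


@dataclass
class Ace:
    action: str                      # "permit" or "deny"
    src_net: ipaddress.IPv4Network
    dst_net: ipaddress.IPv4Network
    sport: Optional[int]             # None means any source port
    dport: Optional[int]             # None means any destination port
    established: bool


def wildcard_to_network(addr: str, wildcard: str) -> ipaddress.IPv4Network:
    """IOS wildcard masks are inverted netmasks: 0 bit = must match, 1 bit = don't care."""
    mask = (~int(ipaddress.IPv4Address(wildcard))) & 0xFFFFFFFF
    return ipaddress.IPv4Network((addr, str(ipaddress.IPv4Address(mask))), strict=False)


def parse_ace(line: str) -> Ace:
    """Parse: access-list N permit|deny tcp SRC [eq P] DST [eq P] [established],
    where SRC/DST is 'any' or '<addr> <wildcard>'. Only this shape is modelled."""
    toks = line.split()
    if toks[0] != "access-list" or toks[3] != "tcp":
        raise ValueError("only 'access-list N permit|deny tcp ...' is modelled")
    action = toks[2]
    pos = 4

    def take_address() -> ipaddress.IPv4Network:
        nonlocal pos
        if toks[pos] == "any":
            pos += 1
            return ipaddress.IPv4Network("0.0.0.0/0")
        net = wildcard_to_network(toks[pos], toks[pos + 1])
        pos += 2
        return net

    def take_port() -> Optional[int]:
        nonlocal pos
        if pos < len(toks) and toks[pos] == "eq":
            pos += 2
            return int(toks[pos - 1])
        return None

    src_net = take_address()
    sport = take_port()      # "eq" right after the source address is a source port
    dst_net = take_address()
    dport = take_port()      # "eq" right after the destination address is a destination port
    established = toks[pos:] == ["established"]
    if not established and toks[pos:]:
        raise ValueError(f"unsupported trailing keywords: {toks[pos:]}")
    return Ace(action, src_net, dst_net, sport, dport, established)


def matches(ace: Ace, seg: Segment) -> bool:
    if ipaddress.IPv4Address(seg.src) not in ace.src_net:
        return False
    if ipaddress.IPv4Address(seg.dst) not in ace.dst_net:
        return False
    if ace.sport is not None and seg.sport != ace.sport:
        return False
    if ace.dport is not None and seg.dport != ace.dport:
        return False
    # "established" is a per-segment flag check, not connection tracking:
    # the router only looks at the bits in this segment (IOS: ACK or RST).
    if ace.established and not seg.flags & (TCP_ACK | TCP_RST):
        return False
    return True


def evaluate(acl: list, seg: Segment) -> str:
    """First matching entry wins; every IOS ACL ends with an implicit deny."""
    for ace in acl:
        if matches(ace, seg):
            return ace.action
    return "deny"


# Constructed ACL: the page's port-80 entry followed by an explicit deny-all.
ACL_101 = [parse_ace(l) for l in (
    "access-list 101 permit tcp any 202.224.119.0 0.0.0.255 eq 80 established",
    "access-list 101 deny tcp any any",
)]


def demo() -> dict:
    """Constructed segments arriving inbound on the interface where ACL 101 is applied."""
    inside = "202.224.119.10"
    outside = "198.51.100.7"   # constructed outside address (documentation range)
    return {
        # Data segment of a connection already set up to the inside web server.
        "ack_to_80": evaluate(ACL_101, Segment(outside, inside, 40000, 80, TCP_ACK)),
        # Fresh connection attempt: SYN without ACK fails the flag check, hits the deny.
        "syn_to_80": evaluate(ACL_101, Segment(outside, inside, 40001, 80, TCP_SYN)),
        # RST also satisfies "established" on IOS.
        "rst_to_80": evaluate(ACL_101, Segment(outside, inside, 40000, 80, TCP_RST)),
        # Right flags, wrong destination port.
        "ack_to_22": evaluate(ACL_101, Segment(outside, inside, 40002, 22, TCP_ACK)),
        # Right flags and port, destination outside 202.224.119.0/24.
        "ack_other_net": evaluate(ACL_101, Segment(outside, "203.0.113.5", 40003, 80, TCP_ACK)),
    }
```

The model makes the security-relevant point visible in `matches`: "established" inspects flag bits in each segment in isolation and keeps no table of sessions, so any segment with ACK (or RST) set is treated as part of an existing session whether or not a handshake ever crossed the router. It is therefore a way to avoid breaking existing sessions and to block inbound SYNs, not a substitute for stateful inspection where that is what the policy needs.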
