Reflexive Access Lists

Reflexive access lists are a type of extended access list that allows two access lists to work together dynamically. When the outbound access list senses a connection to a remote site, the inbound access list is opened up to allow two-way communications to occur. Once this two-way session is completed, the inbound access list is again closed to the remote site. The characteristics of reflexive access lists are as follows:

  • There are no implied deny any statements at the end of the reflexive access control list.

  • A reflexive access list entry is always a permit entry.

  • Named access lists are used in pairs and relate to each other when reflexive access lists are in use.

  • The inbound interface access list is dynamically changed in relation ...
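
A Cisco IOS configuration showing the paired named lists described above, as an added example that is not from the original text. The list names (OUTBOUND-FILTER, INBOUND-FILTER, SESSIONS), the interface, and the timeout values are assumptions chosen for illustration.

```ios
! Outbound list: each permitted outbound session is "reflected" into
! the temporary list SESSIONS as a mirrored permit entry.
ip access-list extended OUTBOUND-FILTER
 permit tcp any any reflect SESSIONS timeout 300
 permit udp any any reflect SESSIONS
!
! Inbound list: "evaluate" nests the temporary entries at this point.
! Return traffic matching a reflected session is permitted; everything
! else falls through to the explicit deny and is logged.
ip access-list extended INBOUND-FILTER
 evaluate SESSIONS
 deny ip any any log
!
! Apply both lists to the external interface (assumed to be Serial0/0).
interface Serial0/0
 ip access-group INBOUND-FILTER in
 ip access-group OUTBOUND-FILTER out
!
! Global idle timeout (seconds) for reflected entries that do not set
! their own timeout, such as the UDP entry above.
ip reflexive-list timeout 120
```

While a session is active, `show access-lists SESSIONS` lists the temporary permit entries; they disappear when the session closes or the idle timeout expires.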
