The absolute timeout is set to 15 minutes.
RouterX(config)#aacccceessss--lliisstt 110011 ddyynnaammiicc tteessttlliisstt ttiimmeeoouutt 1155 ppeerrmmiitt iipp 1100..11..11..00
00..00..00..225555 11772
2..1166..11..00 00..00..00..225555
The following con?¬?guration forces users to authenticate when they open a Telnet connection to
the router:
RouterX(config)#lliinnee vvttyy 00 44
RouterX(config-line)#llooggiinn llooccaall
After you have done these con?¬?gurations, when the user at 10.1.1.2 successfully makes a Telnet
connection to 10.1.1.1, the dynamic ACL is applied. The connection is then dropped, and the user
can access the 172.16.1.x network.
Re?¬‚exive ACLs
Re?¬‚exive ACLs allow IP packets to be ?¬?ltered based on upper-layer session information such as
TCP port numbers. They are generally used to allow outbound traf?¬?c and limit inbound traf?¬?c in
response to sessions that originate from a network inside the router. Re?¬‚exive ACLs contain only
temporary entries. These entries are automatically created when a new IP session begins, for
example, with an outbound packet, and the entries are automatically removed when the session
ends.
Pages:
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330