Stateful ACL's

Lees0n

Yesterday

Posts: 2

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2024-10-29

Stateful ACL's

Yesterday

Model: ER7206 (TL-ER7206)

Hardware Version: V2

Firmware Version: 2.1.2

Hello,

Is there a way to configure an ACL on the router (ER7206 v2 in Standalone Mode) to allow outgoing and deny incoming except related or established traffic?

By incoming, i mean traffic coming into the WAN interface from the Internet. The router does have an active firewall but i am curious if additional stateful ACL rules could be applied on the WAN link to restrict incoming traffic.

Would setting a BLOCK policy using the NEW state acheive this? I'm guessing it would but i want to be sure that the router interprets it this way.

I've also seen a recommendation to use the default auto type for the state but that option isn't available. The available states are New, Established, Related and Invalid.

1 Reply

Clive_A

Yesterday

Posts: 6659

Helpful: 3388

Solutions: 1582

Stories: 0

Registered: 2023-06-09

Re:Stateful ACL's

Yesterday

Hi @Lees0n

Thanks for posting in our business forum.

I think it can do. But I never tested such a scenario. You might try it based on what you described.

As for the router, the outgoing and related incoming direction is clear and it should do as the ACL config.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update! ☛Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.

Stateful ACL's

Stateful ACL's

Information

Voters 0

Tags