Ip firewall check reflexive-traffic

SROS Command Line Interface Reference Guide	Global Configuration Mode Command Set

Use the ip firewall check reflexive-trafficcommand to enable the Secure Router OS stateful inspection firewall to process traffic from a primary subnet to a secondary subnet on the same interface through the firewall. Use the no form of this command to disable this feature.

Note	The Secure Router OS security features must be enabled (using the ip firewall command)
	for the stateful inspection firewall to be activated.

Syntax Description

No subcommands.

Default Values

All Secure Router OS security features are disabled by default until the ip firewall command is issued at the Global Configuration prompt. In addition, the reflexive traffic check is disabled until the ip firewall check reflexive-trafficcommand is issued.

Command Modes

(config)#

Global Configuration Mode

Functional Notes

This command allows the firewall to process traffic from a primary subnet to a secondary subnet on the same interface through the firewall. If enabled, this traffic will be processed through the access-policy on that interface and any actions specified will be executed on the traffic.

Usage Examples

The following example enables the Secure Router OS reflexive-traffic check:

(config)#ip firewall check reflexive-traffic

5991-2114

278

HP 7000 dl Router Ip firewall check reflexive-traffic, Config#ip firewall check reflexive-traffic

Models: 7000 dl Router

SROS Command Line Interface Reference Guide