Command Reference Guide
SROS Command Line Interface Reference Guide Global Configuration Mode Command Set
5991-2114 © Copyright 2005 Hewlett-Packard Development Company, L.P. 278
ip firewall check reflexive-traffic
Use the ip firewall check reflexive-traffic command to enable the Secure Router OS stateful inspection
firewall to process traffic from a primary subnet to a secondary subnet on the same interface through the
firewall. Use the no form of this command to disable this feature.
Syntax Description
No subcommands.
Default Values
All
Secure Router OS
security features are disabled by default until the ip firewall command is issued at
the Global Configuration prompt. In addition, the reflexive traffic check is disabled until the ip firewall
check reflexive-traffic command is issued.
Command Modes
(config)# Global Configuration Mode
Functional Notes
This command allows the firewall to process traffic from a primary subnet to a secondary subnet on the
same interface through the firewall. If enabled, this traffic will be processed through the access-policy on
that interface and any actions specified will be executed on the traffic.
Usage Examples
The following example enables the Secure Router OS reflexive-traffic check:
(config)#ip firewall check reflexive-traffic
Note
The Secure Router OS security features must be enabled (using the ip firewall command)
for the stateful inspection firewall to be activated.