Follow these steps to configure an ACL that can be used to protect against TCP RST DoS attacks.
device# configure terminal
device(config)# ip access-list extended acl1 2015/04/01-13:18:15, [SSMD-1400], 2315, SW/device | Active | DCE, INFO, device, IPv4 access list acl1 is created.
device(conf-ipacl-ext)# permit tcp any any rst 2015/04/01-13:22:16, [SSMD-1404], 2316, SW/device | Active | DCE, INFO, device, IPv4 access list acl1 rule sequence number 10 is added.
device(conf-ipacl-ext)# end
device# show running-config ip access-list extended acl1 ip access-list extended acl1 seq 10 permit tcp any any rst
device# configure terminal device(config)# ip access-list extended acl1 device(conf-ipacl-ext)# permit tcp any any rst device(conf-ipacl-ext)# exit device# show running-config ip access-list extended acl1