Re: PIX default

From: C King (cking007@xxxxxxxxxxx)
Date: Tue Apr 23 2002 - 21:51:43 GMT-3

• Next message: Stephen C. Feldberg: "Re: ACL blocking odd ip address"
• Previous message: Engelhard M. Labiro: "Re: PIX default"
• Maybe in reply to: Bill Mckenzie: "PIX default"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Not exactly. In order for 2 interfaces to be able to talk to each other, a
static must be set up between the two. Once that is set up, traffic from a
higher security interface (eg. inside) can flow to the lower security
interface (eg. outside). Uphill traffic (from lower to higher) will require
a conduit to be configured.

Check out: http://www.cisco.com/warp/public/707/28.html

As an aside: if you choose to use ACL's, you need to explicitly permit all
traffic (even from inside to outside), as it behaves like a router ACL.

HTH,
CK
----- Original Message -----
From: "Stephen C. Feldberg" <scfeldberg@hotmail.com>
To: "Bill Mckenzie" <bmckenzie@hotmail.com>; <ccielab@groupstudy.com>
Sent: Tuesday, April 23, 2002 4:10 PM
Subject: Re: PIX default

> Exactly the opposite. "conduits" need to be built between inside and
> outside interfaces to permit traffic flows.
>
> Steve
> ----- Original Message -----
> From: "Bill Mckenzie" <bmckenzie@hotmail.com>
> To: <ccielab@groupstudy.com>
> Sent: Tuesday, April 23, 2002 3:58 PM
> Subject: PIX default
>
>
> > I'm having a problem with our PIX.
> >
> > By default, isn't everything on the inside able to contact everything on
> the
> > outside?
> >
> > Am I missing something?
> >
> > Thanks,
> > Bill Mckenzie
> >

• Next message: Stephen C. Feldberg: "Re: ACL blocking odd ip address"
• Previous message: Engelhard M. Labiro: "Re: PIX default"
• Maybe in reply to: Bill Mckenzie: "PIX default"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:18 GMT-3