From: wing_lam@jossynergy.com
Date: Sat Oct 11 2003 - 06:42:47 GMT-3
Hi all,
Sorry that I am answering my own question again :-); the reason is PIX will
not send ICMP redirect and also it will drop it without the access-list
counter increasing.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_qanda_item09186a0080094874.shtml#Q27
Thx all,
BBD
wing_lam@jossyner
gy.com To: ccielab@groupstudy.com
Sent by: cc:
nobody@groupstudy Subject: OT: PIX route
.com
10/11/2003 03:49
PM
Please respond to
wing_lam
Hi all,
Sorry for OT, I have a secnario that wants a packet which comes into PIX
inside interface would route out to another host on the same inside
interface, in that case:
1) Can PIX do that? (i.e. route to the same interface that packet comes in)
2) If it can, will PIX check the policy (access-list) and NAT? In my
opinion, it will check policy but not NAT as NAT is binded in two
interfaces, and this packet just come out at the same interface.
I cannot make it work the whole morning, I just want to confirm this is
valid.
Thx,
BBD
DISCLAIMER:- This email is confidential and intended only for the use of
the individual or entity named above and may contain information that is
privileged. If you are not the intended recipient, you are notified that
any dissemination, distribution or copying of this email is strictly
prohibited. If you have received this email in error, please notify us
immediately by return email or telephone and destroy the original message.
Thank you.
***Get your CCIE and a FREE vacation: Shop.GroupStudy.com***
This archive was generated by hypermail 2.1.4 : Mon Nov 24 2003 - 07:53:00 GMT-3