From: hadek.el-ayachi@nsn.com
Date: Thu Nov 08 2007 - 13:46:57 ART
Hi GS,
If I am asked to permit only icmp/udp/tcp traffic inbound if it is
initiated from inside, the answer is:
ip access-list ext FW_OUT
permit icmp an an reflect FW
permit tcp an an reflect FW
permit udp an an reflect FW
But, what about other protocols and futur protocols sach as igmp,
gre...? Should I add per ip any any? Does it deserve askin proctor?
Thanks for comment
E. HADEK
Nokia Siemens Networks
IP Core planner
5 rue Abou Inane- Hassan
Rabat - Maroc
Tel : +212 37 26 15 30
GSM : + 212 61 44 93 98
This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:28 ART