Hi Guys,
I could not understand why we bypass the ACLs when CBAC is enabled. If we
have an HTTP server inside the trusted network that has a client on the outside, in
that case we permit the HTTP connection explicitly in the ACL on the outside interface;
inspection can be enabled inbound on the trusted or outbound on the untrusted
interface. If the firewall ACL bypass feature is enabled (default), then these
ACLs will not be checked. From the configs and testing point of view I know
these ACLs are checked.
Are these the ACLs which are dynamically created when CBAC inspection is enabled,
and different from manually defined ACLs?
Thanks,
Ajay
Received on Tue Jan 19 2010 - 16:31:05 ART