<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Firewall Wizards: Re: PIX - acl breaks implicit outbound rule

Re: PIX - acl breaks implicit outbound rule

From: Paul Melson <pmelson_at_gmail.com>
Date: Wed, 23 May 2007 14:09:39 -0400

> However, it replaces the implicit outbound rule for Interface2 and breaks
all other outbound traffic on
> the interface. My question is, what can I append to the above access
group to put the outbound rule
> back in?

As far as I know, you can't. You will need to explicitly declare the
previously implied rule:

access-list Interface2toInterface1 deny ip 10.0.5.0 netmask 255.255.255.0
10.0.0.0 255.0.0.0 any
access-list Interface2toInterface1 permit ip 10.0.5.0 netmask 255.255.255.0
any

PaulM

_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Received on May 23 2007

This message: [ Message body ]
Next message: Charlie Quick: "Re: Securing Wireless with ASA-5510"
Previous message: stursa_at_695online.com: "Re: HIPS experience"
In reply to: Richard Shaw: "PIX - acl breaks implicit outbound rule"
Next in thread: Richard Shaw: "Re: PIX - acl breaks implicit outbound rule"
Reply: Richard Shaw: "Re: PIX - acl breaks implicit outbound rule"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]