Re: [fw-wiz] Decrypted VPN traffic and access lists on outside interface of PIX

From: Patrick M. Hausen (hausen_at_punkt.de)
Date: 08/25/04

  • Next message: Kevin Sheldrake: "Re: [fw-wiz] VPN endpoints"
    To: John Galt <jgalt163@comcast.net>
    Date: Wed, 25 Aug 2004 17:00:34 +0200 (CEST)
    
    

    Hello!

    > Is decrypted traffic from a site-to-site VPN sent back through an access
    > list that is applied to the outside interface of a PIX?

    If you don't have

            sysopt connection permit-ipsec

    in place, yes.

    HTH,

    Patrick M. Hausen
    Leiter Netzwerke und Sicherheit

    +-----------------------------------+
    | EuroBSDCon 2004 in Karlsruhe! |
    | 29. - 31. 10. 2004 |
    | http://www.eurobsdcon2004.de/ |
    +-----------------------------------+

    -- 
    punkt.de GmbH         Internet - Dienstleistungen - Beratung
    Vorholzstr. 25        Tel. 0721 9109 -0 Fax: -100
    76137 Karlsruhe       http://punkt.de
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Kevin Sheldrake: "Re: [fw-wiz] VPN endpoints"

    Relevant Pages