Re: [fw-wiz] PIX assessment

From: Mike Meredith (mike.meredith_at_port.ac.uk)
Date: 10/07/05

  • Next message: Hughes, Chris: "[fw-wiz] Pix VPN endpoint and split-tunnel"
    To: firewall-wizards@honor.icsalabs.com
    Date: Fri, 7 Oct 2005 08:37:42 +0100
    
    

    Hi

    On Mon, 26 Sep 2005 06:43:56 -0700, vulnerable wrote:
    > static statement permitting this. However, this particular config is
    > declaring transparent static's that the documentation I've read says
    > is unnecessary. Any reasons why they may be doing this? I'm going

    It's quite possibly somebody misunderstanding statics, but there is a
    somewhat sensible reason for including apparently unnecessary statics. If
    you're likely to include ACLs to allow traffic to the "inside", then having
    the statics already in place saves making the obvious mistake of not adding
    the relevant static when you add the ACL. Particularly useful if you end up
    adding ACLs in a hurry.

    -- 
    Mike Meredith, Senior Informatics Officer
    University of Portsmouth: Hostmaster, Postmaster and Security 
      "Don't worry about people stealing your ideas. If your ideas are any 
       good, you'll have to ram them down people's throats." Howard Aiken
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Hughes, Chris: "[fw-wiz] Pix VPN endpoint and split-tunnel"

    Relevant Pages