RE: [fw-wiz] Ping between PIX remote peers

V7 allows the PIX to send traffic out an interface that it came in on IF
it is configured to do so. Otherwise, the traffic is still dropped and
not allowed.

-----Original Message-----
From: Brian Loe [mailto:knobdy@xxxxxxxxx]
Sent: Thursday, May 04, 2006 9:31 AM
To: Utz, Ralph
Cc: Juan Pablo Feria Gomez; firewall-wizards@xxxxxxxxxxxxxxxxxx
Subject: Re: [fw-wiz] Ping between PIX remote peers

What happens in v7? I'll assume for now they've just built in the
aliasing for requests coming in on the inside port, right? Like
presumably a SonicWall does?

Surely they're not breaking security by allowing this to happen with
no checks...

On 5/3/06, Utz, Ralph <rutz@xxxxxxxxxxxxxxx> wrote:
"PIX will not send traffic out the same interface it came in on"

Applies to all versions of PIX IOS less than v7

firewall-wizards mailing list