Re: [fw-wiz] PIX - acl breaks implicit outbound rule
- From: "Richard Shaw" <richard@xxxxxxxxxxx>
- Date: Thu, 24 May 2007 09:11:09 +0100
Cheers Paul,
Yeah the most obvious solution was in fact the correct solution. I put the
rule back in manually and all appeared fine. But then the whole PIX hung
and I had to reboot it, whoops :)
On 5/23/07, Paul Melson <pmelson@xxxxxxxxx> wrote:
> However, it replaces the implicit outbound rule for Interface2 and breaks
> all other outbound traffic on the interface. My question is, what can I
> append to the above access group to put the outbound rule back in?
As far as I know, you can't. You will need to explicitly declare the
previously implied rule:
access-list Interface2toInterface1 deny ip 10.0.5.0 255.255.255.0 10.0.0.0 255.0.0.0
access-list Interface2toInterface1 permit ip 10.0.5.0 255.255.255.0 any
PaulM
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
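
An added example, not part of the original messages: a simplified first-match model of the ACL behaviour discussed in this thread, showing why traffic that matches no entry is dropped and why entry order matters when the explicit outbound entries are appended. It reads the reply's two entries as "deny 10.0.5.0/24 to 10.0.0.0/8, then permit 10.0.5.0/24 to any"; the 10.0.1.10 host entry and all test addresses are constructed, since the original access list is not shown in the thread.

```python
import ipaddress

# Constructed entries (action, source, destination); the thread does not show
# the real ACL. SPECIFIC_ONLY models an access-group with one narrow permit.
SPECIFIC_ONLY = [
    ("permit", "10.0.5.0/24", "10.0.1.10/32"),  # hypothetical Interface1 host
]

# The same ACL with the two explicit entries from the reply appended
# (assumed reading: deny to 10.0.0.0/8, then permit to any).
WITH_EXPLICIT_OUTBOUND = SPECIFIC_ONLY + [
    ("deny", "10.0.5.0/24", "10.0.0.0/8"),
    ("permit", "10.0.5.0/24", "0.0.0.0/0"),
]


def evaluate(acl, src, dst):
    """Return (action, index of matching entry); index None = implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, (action, src_net, dst_net) in enumerate(acl):
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return action, i  # first match wins, later entries are ignored
    return "deny", None  # nothing matched: the ACL ends in an implicit deny


def shadowed(acl):
    """Indexes of entries fully covered by an earlier entry (never reached)."""
    hidden = []
    for i, (_, src, dst) in enumerate(acl):
        sn, dn = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        for _, psrc, pdst in acl[:i]:
            if sn.subnet_of(ipaddress.ip_network(psrc)) and \
               dn.subnet_of(ipaddress.ip_network(pdst)):
                hidden.append(i)
                break
    return hidden


if __name__ == "__main__":
    for name, acl in (("specific only", SPECIFIC_ONLY),
                      ("with explicit outbound", WITH_EXPLICIT_OUTBOUND)):
        for dst in ("10.0.1.10", "10.0.9.9", "192.0.2.80"):
            print(name, dst, evaluate(acl, "10.0.5.20", dst))
        print(name, "shadowed entries:", shadowed(acl))
```

Running `shadowed()` on a candidate ACL before applying it catches the ordering mistake where the broad deny is placed above the specific permit.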