11-21-2006 01:49 AM - edited 03-11-2019 01:58 AM
Should we always need a static st. combined with ACL when connection is initiated from inside network.
For example if am initiating a http connection from inside network then for the response http traffic should i need a static+ACL st.
11-21-2006 02:03 AM
Hi.
For a connection that is initiated from the inside to outside, you do not need to permit the response. PIX being a stateful firewall will keep a track of the connection information and will allow the return packets after it checks the state table and sees that the response is coming because the request was done from inside.
---Pls rate if useful---
11-22-2006 11:23 PM
But if you have an inbound access list blocking the http response for the outbound http request traffic initiated by the inside host?
11-22-2006 11:38 PM
In this case you need open ACL for this traffic...
The rule mentioned above is for default firewall settings (without restrictive ACL)
In you case ACL blocks traffic se you need open ACL for outbound http request
M.
Hope that helps rate if it does
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide