Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
361
Views
0
Helpful
2
Replies

Can PIX allow out of session packets?

jsluzewski
Level 1
Level 1

‎10-31-2003 03:00 PM - edited ‎02-20-2020 11:04 PM

Will "conduit permit ip host 1.1.1.1 any" permit out of state packets to host 1.1.1.1?

In asymetric routing scenario with two independent PIXes, inside host 1.1.1.1 (assume it is a valid public address, no NAT) starts connection to a destination outside. Will the PIX that sees ONLY session's inbound traffic to 1.1.1.1 permit it based on the above conduit statement?

Thanks

Jarek

0 Helpful
2 Replies 2

rais
Level 7
Level 7

‎11-01-2003 04:27 AM

No, PIX will not permit out of state packets in. The packets, for a given session, must exit and enter through the same pix.

HTH

0 Helpful

jsluzewski
Level 1
Level 1
In response to rais

‎11-03-2003 07:33 AM

Are you sure?

The conduit allows ANY IP traffic.

If not, how would you permit any IP traffic to given host?

Jarek

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card