01-29-2005 05:19 AM - edited 03-02-2019 09:22 PM
Hi,
Following info about PIX.
Inside to Outside: If a user from the inside starts a connection to the outside (or to be more precise, to an interface with a lower security level), this connection will by default be permitted, and the return packets of this connection too.
How does the PIX know whether an outsider or an insider started a particular connection, which it should deny or permit?
01-29-2005 05:39 AM
For a TCP session to start, there must be a SYN packet sent from the initiator of the session. If that packet comes from outside, the PIX simply discards it and the session never comes up.
Hope this helps.
01-29-2005 10:06 AM
You can read more about the ASA algorithm here.
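The behaviour discussed in this thread, as an added example that is not part of the original posts and is not PIX code: a simplified model of a stateful filter that records who sent the first SYN and permits return traffic only for flows in its connection table. The class name, the interface levels (inside=100, outside=0) and the sample packets are assumptions made for illustration; the model ignores ACLs, statics and sequence-number checks.

```python
from collections import namedtuple

# Simplified model for illustration only. Security levels are assumed
# (inside=100, outside=0); a higher number means a more trusted interface.
LEVELS = {"inside": 100, "outside": 0}

Packet = namedtuple("Packet", "in_if out_if src sport dst dport flags")

class StatefulFilter:
    def __init__(self):
        # Connection table: one entry per flow, keyed by the initiator's 4-tuple.
        self.conns = set()

    def handle(self, p):
        key = (p.src, p.sport, p.dst, p.dport)
        reverse = (p.dst, p.dport, p.src, p.sport)
        # Packet matches a flow already in the table (either direction).
        if key in self.conns or reverse in self.conns:
            if "R" in p.flags:
                # A reset tears the table entry down.
                self.conns.discard(key)
                self.conns.discard(reverse)
            return "permit"
        # No state: only a bare SYN can open a new connection ...
        if p.flags != "S":
            return "deny"
        # ... and by default only from a higher- to a lower-security interface.
        if LEVELS[p.in_if] > LEVELS[p.out_if]:
            self.conns.add(key)
            return "permit"
        return "deny"

def demo():
    fw = StatefulFilter()
    # Constructed sample traffic using documentation address ranges.
    pkts = [
        Packet("inside", "outside", "10.0.0.5", 40000, "198.51.100.7", 80, "S"),
        Packet("outside", "inside", "198.51.100.7", 80, "10.0.0.5", 40000, "SA"),
        Packet("outside", "inside", "203.0.113.9", 5555, "10.0.0.5", 22, "S"),
        Packet("outside", "inside", "203.0.113.9", 5555, "10.0.0.5", 40000, "SA"),
        Packet("outside", "inside", "198.51.100.7", 80, "10.0.0.5", 40000, "R"),
        Packet("outside", "inside", "198.51.100.7", 80, "10.0.0.5", 40000, "A"),
    ]
    return [fw.handle(p) for p in pkts]

if __name__ == "__main__":
    print(demo())
```

The fourth packet is a SYN-ACK from a host that never received a SYN, and the sixth arrives after the reset removed the entry; both are denied because no matching state exists.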