11-01-2006 07:57 AM - edited 03-05-2019 12:33 PM
Hi all, just a quick question about PIX/ASAs: if I want internet access outbound, do I just need to allow port 80 outbound, and will this automatically let the PC that made the request back in?
11-01-2006 08:07 AM
Hi Carl,
You don't need to open port 80 for accessing the internet from the inside LAN.
Since the PIX works on the Adaptive Security Algorithm, by default all traffic generated from the inside LAN to the outside will be allowed, and return traffic for the same request will be allowed by the PIX because it inspects each and every packet traversing its inside and outside traffic.
However, if a request is initiated from outside towards the inside network, it will be blocked by the PIX unless you open a port on the PIX or apply conduits/access lists on the outside interface.
Hope it helps ....
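The behaviour described in the reply above, as an added example that is not part of the original thread and is not Cisco code: a small Python model of a two-interface stateful firewall with a connection table. The class name, addresses and return strings are constructed for illustration, and NAT and TCP state tracking are left out.

```python
from dataclasses import dataclass, field

# Default PIX/ASA security levels: traffic from a higher level to a
# lower one is allowed without an ACL; the reverse is not.
SECURITY_LEVEL = {"inside": 100, "outside": 0}


@dataclass
class StatefulFirewall:  # hypothetical model, not a Cisco API
    # Permits applied inbound on the outside interface: (dst_ip, dst_port)
    outside_acl: set = field(default_factory=set)
    # Connection table: flows created by a permitted first packet
    conns: set = field(default_factory=set)

    def handle(self, ingress, src, sport, dst, dport):
        """Decide on one packet arriving on interface `ingress`."""
        egress = "outside" if ingress == "inside" else "inside"
        flow = (src, sport, dst, dport)
        reverse = (dst, dport, src, sport)

        # 1. Packets belonging to a tracked connection pass in both
        #    directions; this is what lets replies back in.
        if flow in self.conns or reverse in self.conns:
            return "permit (existing connection)"

        # 2. New flow from higher to lower security level: allowed by
        #    default, and recorded so the reply can be matched later.
        if SECURITY_LEVEL[ingress] > SECURITY_LEVEL[egress]:
            self.conns.add(flow)
            return "permit (new outbound connection)"

        # 3. New flow from lower to higher level: needs an explicit permit.
        if (dst, dport) in self.outside_acl:
            self.conns.add(flow)
            return "permit (outside ACL)"
        return "deny"


if __name__ == "__main__":
    fw = StatefulFirewall()
    # Constructed sample packets (documentation address ranges)
    print(fw.handle("inside", "10.0.0.5", 40000, "198.51.100.10", 80))
    print(fw.handle("outside", "198.51.100.10", 80, "10.0.0.5", 40000))
    print(fw.handle("outside", "203.0.113.9", 80, "10.0.0.5", 40000))
```
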
11-01-2006 08:15 AM
Hi Carl,
I am not sure if I have understood your question properly. You just have to enable NAT on the outside interface and it will automatically allow your PC to go to the internet. You have to point a default route on your PIX to the next hop of the outside interface. You also have to use ACLs to allow the traffic in.
HTH, Please rate if it does.
-amit singh
11-01-2006 08:53 AM
What ACL would I need to allow back in? I thought the inspection would allow it back through as it's an established connection.