About ssdata

ssdata · 11-27-2002

Hi,if you need outbound connection for those specific hosts, the only way is to permit them in your acl, because that is the place where your packet is inspected at the first time. So, the static will not work if your acl does not allow the traffic g...

ssdata · 11-27-2002

Hi,ICMP is connectionless protocol, so the is entry in the state-table. This means that PIX does not recognize the reply-packet and it treats it as a new connections. So if you use acls, you have to permit icmp in both interfaces, if you use conduit ...

ssdata · 11-27-2002

Hi,you could try:-clear xlate-look for duplicate ips

ssdata · 11-27-2002

Hi,apply another outbound list to the inside interface. There can be more than one outbound group applied in one interface. If you need to permit few and deny many users, use "outbound 11 deny 0 0" and after that permit particular hosts. As you know...

ssdata · 11-26-2002

Hi,apply the outbound list to the inside interface:apply (inside) 10 outgoing_destand use:clear xlate

Member Since	‎11-26-2002 05:15 AM
Date Last Visited	‎08-18-2017 03:50 AM
Posts	6

User Statistics

User Activity

Re: One-One mapped NAT Entry in PIX

Re: Allowing Inside Users to FTP on DMZ Interface

Re: why is pcanywhere traffic not coming in???

Re: blocking web sites using outbound statement.

Re: blocking web sites using outbound statement.