Hello, I am having a problem where I want to open up access to servers in my DMZ to get outside while not giving the servers access to the inside (except in restricted situations). For example, say I wanted to give full access to a server in the DMZ to ...
The above looks good except the deny will deny the whole network 192.168.50.0. Try...
    access-list acl_in deny tcp host 192.168.50.5 any eq http
or
    access-list acl_in deny tcp 192.168.50.5 255.255.255.255 any eq http
then add...
    access-list acl_in pe...
I was wondering if you could apply access-lists in the outbound direction on PIXes. I think your first answer works better because it blocks traffic at the source.
Thanks, you are right. Funny thing was I just sat back a sec and then drew a picture of what I wanted to do and came up with that answer as well. Thanks for the reply acomiskey.
A couple of things. While not necessarily secure (as the above list is not), you can add this and it should fix your problem...
    access-list dmz_access_in extended permit tcp any any eq domain
    access-list dmz_access_in extended permit udp any any eq domai...