PIX 6.3 on 506e for VPN requirement only - default filters secure?

ajenks
Level 1

If I want to use a PIX device specifically for VPN only, is the default filter configuration etc. secure? Essentially, after assigning IP addresses to either interface, I will configure either client-site or site-site using PDM. This means the only "access rule" defined will be the implicit outbound rule. Do I need to make any changes to access rules/filters to block unwanted traffic unrelated to the IPsec VPN?

1 Reply

gfullage
Cisco Employee

By default all outbound traffic (from inside to outside) thru the PIX is allowed, while all inbound traffic (from outside to inside) is denied. If you don't add any mappings or access-lists then this default behaviour will still be valid.

If you're just using it for VPN traffic, you should be fine. Use the PDM Wizard to create everything for you and the only traffic that will come in will be VPN traffic.

Keep in mind that if you do want your inside users to go out thru this PIX then you do need to add a translation rule for them to go out, but again, just adding this won't allow any traffic in (except the return traffic).
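An added example, not part of the original thread: a small Python check that a saved PIX 6.3 configuration still has the default inbound posture described in the reply, meaning no `static` mappings, no `conduit permit` lines and no access-list bound inbound on the outside interface. The sample configuration is constructed, the interface name `outside` is assumed to be the PIX default, and the note on `sysopt connection permit-ipsec` reflects that this command lets decrypted tunnel traffic bypass interface access-lists.

```python
import re

# Constructed sample in PIX 6.3 syntax (addresses are documentation ranges).
SAMPLE_CONFIG = """\
nameif ethernet0 outside security0
nameif ethernet1 inside security100
ip address outside 192.0.2.1 255.255.255.0
ip address inside 10.1.1.1 255.255.255.0
access-list nonat permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0
nat (inside) 0 access-list nonat
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
sysopt connection permit-ipsec
crypto map vpn 10 ipsec-isakmp
crypto map vpn interface outside
isakmp enable outside
"""

# Statements that can let non-VPN traffic in from the lower-security interface.
# Assumption: the outside interface keeps its default name "outside".
INBOUND_OPENERS = [
    (re.compile(r"^static\s+\("), "static mapping"),
    (re.compile(r"^conduit\s+permit\b"), "conduit permit"),
    (re.compile(r"^access-group\s+\S+\s+in\s+interface\s+outside\b"),
     "access-list bound inbound on outside"),
]

def audit_pix_config(text):
    """Return (findings, notes); findings mean the default inbound deny was changed."""
    findings, notes = [], []
    for raw in text.splitlines():
        line = raw.strip()
        for pattern, label in INBOUND_OPENERS:
            if pattern.match(line):
                findings.append(f"{label}: {line}")
        if line == "sysopt connection permit-ipsec":
            notes.append("decrypted IPsec traffic bypasses interface access-lists")
        elif re.match(r"^global\s+\(outside\)", line):
            notes.append("outbound translation present (return traffic only)")
    return findings, notes

if __name__ == "__main__":
    findings, notes = audit_pix_config(SAMPLE_CONFIG)
    print("findings:", findings or "none, default inbound deny intact")
    print("notes:", notes)
```

Run it against the output of `write terminal` saved to a file; an empty findings list means only VPN traffic and return traffic can enter from outside.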