Pix v4.4 Outbound "except" Commands - all zero's Netmask

normbeef · ‎02-22-2007

Hi,

I am currently trying to de-commsion an old Pix Ver 4.4 Firewall... there is a deny "anything" i.e deny 0.0.0.0 0.0.0.0 0 rule at the begining of the Outbound Src list, but some of the outbound "exept commands have 0.0.0.0 netmasks on them... I am seeing illegal traffic building Outbound connections through the pix from the log.. would this mean that the 0.0.0.0 netmask is allowing any IP matching the netmask ??? outbound

vmoopeung · ‎02-28-2007

The following documents may help you

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_system_message_guide_chapter09186a00802eb153.html

http://www.cisco.com/en/US/products/sw/secursw/ps2120/prod_release_note09186a008059f94e.html

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_installation_and_configuration_guides_list.html