cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
264
Views
0
Helpful
3
Replies

firewalls

carl_townshend
Spotlight
Spotlight

Hi all, when configuring a firewall say pix 501, is all traffic allowed outbound by default, so if I use PAT to get to the internet for 192.168.1.0 range, will all hosts be allowed out by default?

3 Replies 3

spremkumar
Level 9
Level 9

Hi Carl

By default outbound traffic will be permitted and you can access the net using NAT/PAT feature..

if you want to have some kinda inbound access then you need to create proper access lists to allow the remote ip's to access your local resources...

Also do remember you need to have one to one NAT configured for inbound access...

regds

thankyou, i gather this is same for dmz, inside can connect to dmz but not other way around unless access list is in place to allow it ?

Hi Carl

To put it on a simple note anything from High Security Zone to Low Security Zone ( Inside to Outside/DMZ) is permitted with necessary NAT statements.

You need to have Access-lists to permit traffic Low Security Zone to High Security Zone (Outside to DMZ or DMZ to Inside or Outside to Inside)..

regds

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: