how to use the established command on pix/asa

Unanswered Question
May 11th, 2007
User Badges:

hi all can someone pls tell me or guide me as to how to use the established command in pix or asa.

i know that this established command works differently than the established command in the ios routers.

here once a outbound connection has been made based on that connection i can make other connections permit in the inbound direction between same 2 hosts.

say if there is a proprietry application which uses dual channels

eg: when a outbound connection using tcp is made to dest port 8888 using any random source port.

the application will try to connect back to the source on a different port say 8080.this is against the rule of stateful inspection and so will not be allowed.

for such applications where the pix/asa cannot inspect we can use the established command to make it work.

i tried but i am not able to figure it out.

can someone pls help me.

hope to see a reply.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion