how to use the established command on pix/asa

Unanswered Question
May 11th, 2007
User Badges:

hi all can someone pls tell me or guide me as to how to use the established command in pix or asa.


i know that this established command works differently than the established command in the ios routers.


here once a outbound connection has been made based on that connection i can make other connections permit in the inbound direction between same 2 hosts.


say if there is a proprietry application which uses dual channels


eg: when a outbound connection using tcp is made to dest port 8888 using any random source port.

the application will try to connect back to the source on a different port say 8080.this is against the rule of stateful inspection and so will not be allowed.


for such applications where the pix/asa cannot inspect we can use the established command to make it work.


i tried but i am not able to figure it out.


can someone pls help me.


hope to see a reply.


regards


sebastan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion