firewalls

Unanswered Question
Nov 5th, 2007

Hi all, is one of the main functions of a firewall to basically create a dynamic access list, so that if something originates from inside, for example, that traffic is automatically let back in?

mikeallison Wed, 11/07/2007 - 19:29

Hi Carl.


It's been a while since I messed around with ACLs, however, I believe you need to enter the "established" command after the ACL rule, so any connections that go out will be allowed back in if they are already established.


EG: (Grabbed from http://www.networkclue.com/routing/Cisco/access-lists/index.aspx)


Assumptions:

internal network: 63.36.9.0


access-list 101 - Applied to traffic leaving the office (outgoing)


access-list 102 - Applied to traffic entering the office (incoming)


ACL 101

access-list 101 permit tcp 63.36.9.0 0.0.0.255 any eq 80


ACL 102

access-list 102 permit tcp any 63.36.9.0 0.0.0.255 established



Hope this helps.


Michael.

carl_townshend Thu, 11/08/2007 - 01:46

Is this for routers or firewalls? I wanted to know the way in which the ASA monitors the outbound sessions then allows them back in, basically how the firewall works?
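
As an added illustration (not part of the thread, and not Cisco code): the sketch below contrasts the stateless `established` match on a router ACL, which only inspects the ACK/RST bits of each inbound segment, with a simplified connection table of the kind a stateful firewall keeps. The function and class names, the table layout and the sample segments are constructed assumptions.

```python
from collections import namedtuple

# Constructed TCP segment model; 63.36.9.0/24 is the thread's inside network.
Seg = namedtuple("Seg", "src sport dst dport flags")
INSIDE = "63.36.9."

def acl_established(seg):
    """Stateless match like 'permit tcp any 63.36.9.0 0.0.0.255 established':
    passes any inbound segment with ACK or RST set, with no memory of
    whether an inside host ever opened that connection."""
    return seg.dst.startswith(INSIDE) and bool({"ACK", "RST"} & set(seg.flags))

class StatefulFirewall:
    """Simplified connection table (a hypothetical model, not ASA code)."""

    def __init__(self):
        self.conns = set()

    def outbound(self, seg):
        # Assumption: inside-to-outside traffic is permitted; a bare SYN
        # from an inside host creates the table entry.
        if seg.src.startswith(INSIDE) and seg.flags == ("SYN",):
            self.conns.add((seg.src, seg.sport, seg.dst, seg.dport))
        return True

    def inbound(self, seg):
        # Return traffic must match the reversed 4-tuple of a tracked session.
        key = (seg.dst, seg.dport, seg.src, seg.sport)
        if key not in self.conns:
            return False
        if "RST" in seg.flags:
            self.conns.discard(key)  # session reset: drop the entry
        return True

def demo():
    fw = StatefulFirewall()
    # Constructed sample segments (documentation address ranges outside).
    syn = Seg("63.36.9.10", 40000, "198.51.100.5", 80, ("SYN",))
    reply = Seg("198.51.100.5", 80, "63.36.9.10", 40000, ("SYN", "ACK"))
    stray = Seg("203.0.113.9", 80, "63.36.9.20", 40001, ("ACK",))
    fw.outbound(syn)
    return {
        "reply": (acl_established(reply), fw.inbound(reply)),
        "stray": (acl_established(stray), fw.inbound(stray)),
    }

if __name__ == "__main__":
    for name, (acl, stateful) in demo().items():
        print(f"{name}: established ACL={acl}, stateful table={stateful}")
```

The legitimate reply passes both checks, while the unsolicited ACK passes the `established` ACL but is dropped by the connection table because no inside host opened that session.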
