firewalls

carl_townshend
Spotlight

Hi all, is one of the main functions of a firewall basically to create a dynamic access list, so that if something originates from inside, for example, that traffic is automatically let back in?

4 Replies

carl_townshend
Spotlight

Can anyone explain this?

mikeallison
Level 1

Hi Carl.

It's been a while since I messed around with ACLs; however, I believe you need to enter the "established" command after the ACL rule, so any connections that go out will be allowed back in if they are already established.

E.g. (grabbed from http://www.networkclue.com/routing/Cisco/access-lists/index.aspx):

Assumptions:

internal network: 63.36.9.0 (wildcard 0.0.0.255, i.e. 63.36.9.0/24)
access-list 101 - applied to traffic leaving the office (outgoing)
access-list 102 - applied to traffic entering the office (incoming)

ACL 101 (outgoing: inside hosts may open HTTP connections)
access-list 101 permit tcp 63.36.9.0 0.0.0.255 any eq 80

ACL 102 (incoming: only segments with ACK or RST set are let back in)
access-list 102 permit tcp any 63.36.9.0 0.0.0.255 established

Hope this helps.

Michael.
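As an added illustration (my own code, not code from this thread, from the networkclue page or from any Cisco product), here is a small Python model of the difference between the "established" keyword in the ACL 102 above and the connection table a stateful firewall such as the ASA keeps. The inside network is the 63.36.9.0/24 from Michael's example; the outside addresses, ports, the web session and the probe packet are all constructed for the example.

```python
# Added example, not code from the thread or from Cisco: a toy model that
# contrasts the stateless IOS ACL keyword "established" with the connection
# table a stateful firewall (ASA-style) keeps. The inside network reuses the
# 63.36.9.0/24 from the posted ACLs; outside hosts and ports are made up.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10           # TCP flag bits
INSIDE = ip_network("63.36.9.0/24")                     # 63.36.9.0 0.0.0.255


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: int


def is_inside(ip: str) -> bool:
    return ip_address(ip) in INSIDE


def acl_102_established(pkt: Packet) -> bool:
    """access-list 102 permit tcp any 63.36.9.0 0.0.0.255 established

    'established' keeps no state at all: it matches any TCP segment whose
    ACK or RST bit is set, on the assumption that only replies carry them."""
    return is_inside(pkt.dst) and bool(pkt.flags & (ACK | RST))


class StatefulFirewall:
    """Minimal stateful inspection: an outbound SYN from inside opens an entry
    keyed on the 4-tuple; inbound traffic is allowed only when it is the mirror
    image of an open entry. A real ASA does more (sequence-number checks, idle
    timeouts, protocol inspection), none of which is modelled here."""

    def __init__(self) -> None:
        self.conns: set[tuple[str, int, str, int]] = set()

    def outbound(self, pkt: Packet) -> bool:
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if not is_inside(pkt.src):
            return False                                # only inside may initiate
        if pkt.flags & SYN and not pkt.flags & ACK:     # new session from inside
            self.conns.add(key)
            return True
        return key in self.conns                        # data on an open session

    def inbound(self, pkt: Packet) -> bool:
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)  # reverse direction
        if key not in self.conns:
            return False                                # unsolicited: dropped
        if pkt.flags & (FIN | RST):
            self.conns.discard(key)                     # teardown closes the entry
        return True


def compare(fw: StatefulFirewall, pkt: Packet) -> tuple[bool, bool]:
    """(permitted by ACL 102, permitted by the stateful table) for an inbound packet."""
    return acl_102_established(pkt), fw.inbound(pkt)


if __name__ == "__main__":
    fw = StatefulFirewall()
    # Constructed traffic: an inside host opens an HTTP session to an outside server.
    print(fw.outbound(Packet("63.36.9.10", 40000, "93.184.216.34", 80, SYN)))
    reply = Packet("93.184.216.34", 80, "63.36.9.10", 40000, SYN | ACK)
    print(compare(fw, reply))          # the genuine reply passes both checks
    # Constructed probe: an outside host sends a bare ACK to port 22 (an ACK scan).
    probe = Packet("198.51.100.7", 31337, "63.36.9.10", 22, ACK)
    print(compare(fw, probe))          # ACL 102 permits it, the stateful table does not
```

The point of the probe is the caveat a practitioner wants here: "established" is not stateful. It only looks at the ACK/RST bits of each segment on its own, so any unsolicited inbound segment with the ACK bit set matches ACL 102 and reaches any inside host on any port. A stateful firewall drops it because no outbound session for that 4-tuple exists. On IOS the stateful equivalents are reflexive ACLs or CBAC; on the ASA this tracking is the default behaviour of the connection table.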

intelide3
Level 1

Hi,

To know more about Lock and Key security (dynamic ACLs), and how it compares to standard/static ACLs, you might want to read this:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/scflock.htm

HTH.

Please rate :)

Is this for routers or firewalls? I wanted to know the way in which the ASA monitors the outbound sessions and then allows them back in, basically how the firewall works?