Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

outbound access

Should we always need a static st. combined with ACL when connection is initiated from inside network.

For example if am initiating a http connection from inside network then for the response http traffic should i need a static+ACL st.

3 REPLIES
Bronze

Re: outbound access

Hi.

For a connection that is initiated from the inside to outside, you do not need to permit the response. PIX being a stateful firewall will keep a track of the connection information and will allow the return packets after it checks the state table and sees that the response is coming because the request was done from inside.

---Pls rate if useful---

New Member

Re: outbound access

But if you have an inbound access list blocking the http response for the outbound http request traffic initiated by the inside host?

Gold

Re: outbound access

In this case you need open ACL for this traffic...

The rule mentioned above is for default firewall settings (without restrictive ACL)

In you case ACL blocks traffic se you need open ACL for outbound http request

M.

Hope that helps rate if it does

134
Views
3
Helpful
3
Replies