Cisco Support Community

New Member

firewalls

Hi all, is one of the main functions of a firewall to basically create a dynamic access list, so that if something originates from inside, for example, that traffic is automatically let back in?

4 REPLIES
New Member

Re: firewalls

Can anyone explain this?

New Member

Re: firewalls

Hi Carl.

It's been a while since I messed around with ACLs, however, I believe you need to enter the "established" command after the ACL rule, so any connections that go out will be allowed back in if they are already established.

EG: (Grabbed from http://www.networkclue.com/routing/Cisco/access-lists/index.aspx)

Assumptions:

internal network: 63.36.9.0

access-list 101 - Applied to traffic leaving the office (outgoing)

access-list 102 - Applied to traffic entering the office (incoming)

ACL 101

access-list 101 permit tcp 63.36.9.0 0.0.0.255 any eq 80

ACL 102

access-list 102 permit tcp any 63.36.9.0 0.0.0.255 established

Hope this helps.

Michael.
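Added example, not part of the original thread or the linked page: a simplified Python model of the two ACL lines above next to a connection table, showing that `established` matches on the ACK or RST bit of each segment alone, while a stateful filter only admits the reverse of a flow it saw leave. The outside addresses, ports and the `StatefulFilter` class are constructed for illustration; a real stateful firewall also tracks TCP state, sequence numbers and timeouts.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INSIDE = ip_network("63.36.9.0/24")  # internal network from the post above

@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags set on the segment, e.g. {"SYN", "ACK"}

def acl_101(seg):
    """access-list 101 permit tcp 63.36.9.0 0.0.0.255 any eq 80 (outgoing)."""
    return ip_address(seg.src) in INSIDE and seg.dport == 80

def acl_102_established(seg):
    """access-list 102 permit tcp any 63.36.9.0 0.0.0.255 established (incoming).
    The keyword inspects only this segment's ACK/RST bits; no session is remembered."""
    return ip_address(seg.dst) in INSIDE and bool(seg.flags & {"ACK", "RST"})

class StatefulFilter:
    """Hypothetical, simplified connection table (assumption, not vendor code)."""
    def __init__(self):
        self.table = set()

    def outbound(self, seg):
        if not acl_101(seg):
            return False
        self.table.add((seg.src, seg.sport, seg.dst, seg.dport))  # remember the flow
        return True

    def inbound(self, seg):
        # Allowed only if it is the exact reverse of a tracked outbound flow.
        return (seg.dst, seg.dport, seg.src, seg.sport) in self.table

def compare():
    fw = StatefulFilter()
    # Constructed sample traffic (documentation address ranges for outside hosts).
    syn = Segment("63.36.9.10", 40000, "198.51.100.7", 80, frozenset({"SYN"}))
    reply = Segment("198.51.100.7", 80, "63.36.9.10", 40000, frozenset({"SYN", "ACK"}))
    stray = Segment("203.0.113.9", 80, "63.36.9.20", 3389, frozenset({"ACK"}))
    new_in = Segment("203.0.113.9", 5555, "63.36.9.20", 80, frozenset({"SYN"}))
    fw.outbound(syn)
    # Each result is (passes ACL 102 with 'established', passes stateful filter).
    return {name: (acl_102_established(s), fw.inbound(s))
            for name, s in [("reply", reply), ("stray_ack", stray), ("new_syn", new_in)]}

if __name__ == "__main__":
    for name, verdict in compare().items():
        print(name, verdict)
```

The `stray_ack` row is the difference to look for when reviewing a ruleset: the ACL admits it because the ACK bit is set, while the connection table has no matching outbound flow and rejects it.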

New Member

Re: firewalls

Hi,

To know more about Lock and Key security (Dynamic ACL), and a comparison to standard/static ACL, you might want to read this:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/scflock.htm

HTH.

pls rate :)

New Member

Re: firewalls

Is this for routers or firewalls? I wanted to know the way in which the ASA monitors the outbound sessions then allows them back in, basically how the firewall works?
