Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

pix firewalls

on my pix firewall, if i make an outgoing session to someone, will it automatically let it back in ? is this what stateful inspection is ?

5 REPLIES
Silver

Re: pix firewalls

Carl,

The answer to you first qtn is yes. When an outgoing connection is made or for that matter even an incoming connection - an 'xlate' is created for that session. Think of an 'Xlate' as a temporary access-list permitting the commumication to take place.

'Stateful Inspection' is the process of inspecting each packet which goes through the firewall using an algorithm called ASA. You can read more about Stateful Inspection from this document:

<http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/mod_icn/fwsm/fwsm_2_2/fwsm_cfg/overvw.pdf>

hth,

Ajaz Nawaz

New Member

Re: pix firewalls

so is the xlate stateful inspection ?

Silver

Re: pix firewalls

Carl,

Xlate is a dynamic table of flows. Stateful inspection is another process - the process of inspecting every individual packet.

hth,

Ajaz Nawaz

New Member

Re: pix firewalls

can you tell me what xlate does ?

Re: pix firewalls

Hi Carl,

Xlate is a table which actually stores your NAT translations for the connection to the outside world.

HTH

-amit singh

123
Views
0
Helpful
5
Replies
CreatePlease to create content