Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
366
Views
0
Helpful
1
Replies

Creating a new interface on Pix 516E

Go to solution
nicktrenary
Level 1
Level 1

‎02-13-2006 11:31 AM - edited ‎02-21-2020 12:42 AM

I have created and enabled a new interface (DMZ) on a Pix 516E. In the PDM an Implicit Outbound Rule was automatically created for this interface. I could get out to the internet with no problems. I however need to open some ports from the DMZ to the inside interface. When I add a new access rule the outbound rule disappears and I no longer can get to the internet. I tried to recreate a similar rule to allow all tcp traffic to the outside interface from the dmz. The PDM accepted the rule but when I went back to examine it, the rule had been changed from the outside to the inside.

How can I keep the implicit outbound rule and still open ports to the inside?

Thanks,

Nick

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
dgloff
Level 4
Level 4

‎02-13-2006 04:48 PM

In general terms:

permit any necessary access to your internal network (web servers, printers, whatever. BE SPECIFIC!!)

deny all access to your internal network (deny ip any subnet)

permit ip any any

View solution in original post

0 Helpful
1 Reply 1

Go to solution
dgloff
Level 4
Level 4

‎02-13-2006 04:48 PM

In general terms:

permit any necessary access to your internal network (web servers, printers, whatever. BE SPECIFIC!!)

deny all access to your internal network (deny ip any subnet)

permit ip any any

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card