Just confirming that if I allow a TCP conversation to originate on the Internal Interface, the reply traffic will be allowed back through the PIX to the original sender? What CLI command enables this, or how can I tell this is true?
Now, with UDP, since it's connectionless, and there's no acknowledgement, return traffic does not exist, correct?
That is just the default nature of a PIX. By default, all connections from high security to low security are allowed, and their return traffic is allowed back in. This is true for both TCP and UDP. There is UDP return traffic - most DNS requests and replies are UDP based.
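The behaviour described in the answer above, as an added example that is not part of the original thread and not Cisco code: a simplified Python model of a connection table keyed on the 5-tuple, in which a flow opened from the higher security level lets the mirrored reply back in for both TCP and UDP. The class name, verdict strings and addresses are assumptions constructed for illustration; NAT, idle timeouts and TCP state checks are left out.

```python
# Simplified model of stateful filtering by security level.
# Not PIX/ASA code: names, verdicts and addresses are constructed for illustration.
from dataclasses import dataclass, field

# Default security levels for the two standard interfaces.
SECURITY_LEVEL = {"inside": 100, "outside": 0}


@dataclass
class StatefulFirewall:
    # Each entry is the 5-tuple of a flow that was permitted outbound.
    conns: set = field(default_factory=set)

    def handle(self, in_if, out_if, proto, src, sport, dst, dport):
        """Return 'permit-return', 'permit-outbound' or 'deny' for one packet."""
        # Return traffic is the mirror image of a flow already in the table.
        # The lookup is identical for TCP and UDP: the state entry, not the
        # transport protocol, is what lets the reply in.
        if (proto, dst, dport, src, sport) in self.conns:
            return "permit-return"
        # Higher to lower security level is allowed by default and creates state.
        if SECURITY_LEVEL[in_if] > SECURITY_LEVEL[out_if]:
            self.conns.add((proto, src, sport, dst, dport))
            return "permit-outbound"
        # Lower to higher with no matching state: dropped.
        return "deny"


def demo():
    fw = StatefulFirewall()
    client, dns, web = "192.0.2.10", "198.51.100.53", "198.51.100.80"
    return [
        fw.handle("inside", "outside", "udp", client, 40000, dns, 53),   # DNS query
        fw.handle("outside", "inside", "udp", dns, 53, client, 40000),   # DNS reply
        fw.handle("inside", "outside", "tcp", client, 40001, web, 443),  # TCP SYN
        fw.handle("outside", "inside", "tcp", web, 443, client, 40001),  # TCP SYN-ACK
        fw.handle("outside", "inside", "udp", dns, 53, client, 40002),   # unsolicited UDP
        fw.handle("outside", "inside", "tcp", web, 443, client, 40003),  # unsolicited TCP
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```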
By default there are no configuration changes to get the ASA working. You can check the connection state with the "show xlate" and "show connection" commands. Maybe this document will answer your questions....
As the previous post suggested, you can execute "show xlate" to verify that the translation is getting built up. To check if the return traffic is back and if the connection is completed, you can execute "show conn" and see the connection flag "U". U stands for up, so in the case of TCP, if the 3-way handshake is completed and the connection is established, you should see the flag U. Here are the flags of a connection originating from inside -