Correct but note that in case of ZFW it is gonna be the "return" zone-pair policy that is being overridden and not just an ACL.
Regards, -- Piotr Kaluzny CCIE #25665 (Security), CCSP, CCNP Sr. Support Engineer - IPexpert, Inc. URL: http://www.IPexpert.com On Tue, Feb 7, 2012 at 5:37 PM, HA Ali <[email protected]> wrote: > Correct me if i am wrong . ( ZBF ) > > > Stateful inspection is only done if we put inspect command under the > policy map , if we put pass command action it will work just like ACL and > we need to be careful about the return traffic . Because state table > overwrites the ACL etc. we will be able to get the return traffic back > easily even if there is some sort of deny ACL in case of Inspect command > but this wont be applicable in pass command . > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
