Hi Darryl,
At 07:18 PM 04/06/2000 +1000, Luff, Darryl wrote:
>Another couple of PIX queries:
>
>- The docs say that outgoing connections are allowed by default, does this
>mean you don't need global/nat lines to enable outgoing connections unless
>you need the nat?
No, you need some sort of translation defined:
global/nat = dynamic translation
pat = dynamic translation to a single address
nat 0 = no translation
static = static translation
One or more of the above, and then by default connections are permitted outbound.
>- If you add a static entry, with no conduit, does the static mapping get
>used for outgoing conenctions? Or is 'static' purely for incoming stuff?
It gets used for outgoing connections. Static is merely a static translation, and
carries no implicit direction.
>Thanks again,
>
>Darryl Luff.
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
Hope that helps,
Lisa Napier
Product Security Incident Response Team
Cisco Systems
http://www.cisco.com/warp/public/707/sec_incident_response.shtml
PGP: A671 782D 2926 B489 F81A 3D5E B72F E407 B72C AF1F
ID: 0xB72CAF1F, DH/DSS 2048/1024
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
