Comments Embedded.

Q Most firewalls have by default 'deny everything' and then you have to
permit (open) ports for specific traffic.
This is true at least on the last one I had..

 Basically the way it works out of the box is everything out and deny
everything in.
After you define your inside, outside, DMZ, etc. interfaces, you define
"conduits" to allow inbound traffic.  Now, ACLs are ACLs and the PIX does
use these as well. My suggestion is to go to cco.cisco.com and pull the
latest for whatever version of code you are running.
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v51/config/config.htm

Q  I want to 'stop' PIX to see if that solves my communication
problems.....on Checkpoint I would use 'fwstop' to make sure that no traffic
is blocked but I'm not sure how I can do the same on PIX....

>>> You cannot really stop the process, only allow everything
bi-directional, like acl_out permit ip any any. Otherwise take it out of
the mix.


Hope it helps..

Regards,

Adam



_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
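
Added example, not part of the original post: a check for temporary allow-all rules, like the "permit ip any any" suggested above for troubleshooting, that are still present in a saved configuration afterwards. The sample configuration is constructed, the function name find_permit_all is hypothetical, and the matching assumes the simple access-list and conduit forms shown in the sample.

```python
import re

# Constructed sample of PIX-style configuration lines (not from the original post).
SAMPLE_CONFIG = """\
access-list acl_out permit tcp any host 192.0.2.10 eq www
access-list acl_out permit ip any any
access-list acl_in permit ip 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0
conduit permit tcp host 192.0.2.25 eq smtp any
conduit permit ip any any
access-list acl_dmz deny ip any any
"""

# "any" is shorthand for address 0.0.0.0 with mask 0.0.0.0, so normalise both spellings.
_ANY = re.compile(r"\b0\.0\.0\.0\s+0\.0\.0\.0\b")
# Assumption: only the plain "permit ip any any" form is treated as allow-all.
_RULE = re.compile(
    r"^(access-list\s+(?P<name>\S+)|conduit)\s+permit\s+ip\s+any\s+any\s*$"
)


def find_permit_all(config_text):
    """Return (line_number, kind, line) for every rule that permits all IP traffic."""
    findings = []
    for number, raw in enumerate(config_text.splitlines(), start=1):
        line = _ANY.sub("any", raw.strip())
        match = _RULE.match(line)
        if match:
            name = match.group("name")
            kind = "access-list " + name if name else "conduit"
            findings.append((number, kind, raw.strip()))
    return findings


if __name__ == "__main__":
    for number, kind, line in find_permit_all(SAMPLE_CONFIG):
        print(f"line {number}: {kind} permits all IP traffic: {line}")
```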
