Ok let me clarify something, I sense a bit of confusion here.. You need to free yourself from this INcomming/OUTgoing concept you are using, when referring to the PIX ok?
Because you can only ever see ONE interface depending on which side of the device youre on (if your architecture is designed properly). You apply your access lists to the interface...period...the direction for data flow is irrelevant. If you want to restrict what traffic enters your network from the OUTSIDE (usually the internet) you apply the access-list to that interface (Usually OUTSIDE interface or Eth0).. If you want to restrict what traffic goes out of your network from your internal hosts you apply the access-list to the interface that your internal hosts are hitting. (Usually the INSIDE interface or Eth1). clear as mud?? Date: Wed, 9 Jan 2002 10:27:49 -0200 (BRST) From: Edson Yamada <[EMAIL PROTECTED]> To: lista fw <[EMAIL PROTECTED]> Subject: PIX Access list Hello, Cisco routers access lists allow the administrator define if the list must be applied to the INcoming or OUTcoming traffic of a given interface. It seems that PIX access lists dont permit that. So, my question is: if I bind a list to a interface, this list is applied against the outcoming, incoming or both kind of traffic? Thank you Edson --__--__-- ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ********************************************************************** _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
