Firewall Wizards mailing list archives
New to Cisco PIX/ ASA
From: "Keith A. Glass" <salgak () speakeasy net>
Date: Wed, 1 Aug 2007 18:41:53 -0400
I've managed Gauntlets, Checkpoints, Netscreens, and SonicWalls in the past. I'm a bit confused with the in and outs of the ASA firewalls. I'm setting up at HA pair, my Eth0/0 is my interior interface, trust level 100, Eth 0/1 and 0/2 are my IP and State heatbeats, and Eth 1/0 is my external interface, trust level 1. Am I correct in my understanding that if I want two-way traffic, traffic is not blocked to a lower trust level, so I need only write a rule to pass the traffic between the endpoints from the external interface to the internal interface, and the reply traffic is taken care of ?? Or do I have to write a reverse rule, from the internal interface to the external as well ???
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- New to Cisco PIX/ ASA Keith A. Glass (Aug 01)
- Re: New to Cisco PIX/ ASA ArkanoiD (Aug 21)
- Re: New to Cisco PIX/ ASA Jason (Aug 22)
- CSA Question Carric Dooley (Aug 21)
- IPv6 support in firewalls Dave Piscitello (Aug 21)
- Re: IPv6 support in firewalls ArkanoiD (Aug 22)
- Re: IPv6 support in firewalls Marcus J. Ranum (Aug 22)
- Re: IPv6 support in firewalls Shahin Ansari (Aug 22)
- Re: IPv6 support in firewalls Dave Piscitello (Aug 23)
- Re: IPv6 support in firewalls Mohit Sharma (Aug 23)
- Re: IPv6 support in firewalls Marcus J. Ranum (Aug 23)
- Re: New to Cisco PIX/ ASA ArkanoiD (Aug 21)