[c-nsp] disable stateful firewall on PIX?
Michael K. Smith
mksmith at adhost.com
Thu Apr 13 17:24:09 EDT 2006
On 4/13/06 12:47 PM, "Adam Greene" <maillist at webjogger.net> wrote:
> Thanks Mike, and for the other replies I got offlist.
>
> The problem seems to be that the PIX is blocking the inbound SYN/ACK on the
> handshake if it didn't transmit the initial SYN outbound, even if I do a
> "permit ip any <netblock>".
>
I know it should be covered with 'permit ip any any' but that sounds like a
'permit tcp any any established' hook.
Mike
More information about the cisco-nsp
mailing list