Good morning all, I'm adding some acl permit statements
into our dmz
and was wondering, do I need to add 2 statements to allow
communication? In other words, I need to allow an internal
machine to
contact a machine in the dmz, so I'm going to add this
statement:
access-list dmz_acl permit ip host 10.9.0.11 host 10.60.1.90
eq 11111.
So this would allow acces from 10.9.0.11 to 10.60.1.90, but
do I need
to add this statement as well:
access-list dmz_acl permit ip host 10.60.1.90 host 10.9.0.11
eq 11111?
I was told with this older version of software that the PIX
needed both
statements to allow proper communication? 10.9.0.11 is
always going to
initiate the request from the machine in the dmz,
10.60.1.90.
Thanks in advance for the help, T
------------------------ Yahoo! Groups Sponsor
--------------------~-->
Everything you need is one click away. Make Yahoo! your
home page now.
http://us.click.yahoo.com/AHchtC/4FxNAA/yQLSAA/kgFolB/TM
------------------------------------------------------------
--------~->
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://gr
oups.yahoo.com/group/PIX_Firewall/
<*> To unsubscribe from this group, send an email to:
PIX_Firewall-unsubscribe@yahoogroups.com
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.c
om/info/terms/
|