Hi There,

I'm trying to get successful two way communication over a selected port range between 2 hosts on different interfaces.

    Interface 1 (100) ------------ Interface 2 (90)
    host1 (10.0.1.11) ------------ host2 (10.0.5.2)

I've already put in a static route so host1 can get down to host2, however I need host2 to be able to open a connection back through on selected ports.

I've been able to get it semi-working by applying the following:

    static (Interface1,Interface2) 10.0.5.200 10.0.1.11 netmask 255.255.255.255
    access-list Interface2toInterface1 extended permit udp host 10.0.5.2 host 10.0.5.200 eq port-range
    access-group Interface2toInterface1 in interface Interface2

However, it replaces the implicit outbound rule for Interface2 and breaks all other outbound traffic on the interface.

My question is, what can I append to the above access group to put the outbound rule back in?

Any thoughts or suggestions would be super useful

Thanks!
Richard

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
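An added illustration, not part of the original post or the thread: a small Python model of first-match ACL evaluation showing why the posted ACL drops all other traffic entering Interface2 (the implicit deny at the end of any applied ACL), and how a trailing permit behaves with and without a deny protecting the static mapping first. The port range 5000-5010, the destination 192.0.2.80 and the two extra ACEs are assumptions made for this example.

```python
import ipaddress

# Constructed port range: the post only says "port-range"; 5000-5010 is a placeholder.
POSTED = ["permit udp host 10.0.5.2 host 10.0.5.200 range 5000 5010"]
# Naive fix (assumption): restores outbound, but also opens every other
# port on the static mapping that fronts host1.
NAIVE = POSTED + ["permit ip any any"]
# Tighter fix (assumption): close the mapped address first, then permit the rest.
FIXED = POSTED + ["deny ip any host 10.0.5.200", "permit ip any any"]

def parse_ace(line):
    """Parse 'permit|deny proto src dst [range lo hi]' (a subset of PIX syntax)."""
    tok = line.split()
    action, proto, rest = tok[0], tok[1], tok[2:]
    addrs = []
    for _ in range(2):  # source first, then destination
        if rest[0] == "any":
            addrs.append(None)
            rest = rest[1:]
        else:  # 'host A.B.C.D'
            addrs.append(ipaddress.ip_address(rest[1]))
            rest = rest[2:]
    ports = (int(rest[1]), int(rest[2])) if rest[:1] == ["range"] else None
    return action, proto, addrs[0], addrs[1], ports

def evaluate(acl, proto, src, dst, dport):
    """First matching ACE wins; no match falls through to the implicit deny."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for line in acl:
        action, a_proto, a_src, a_dst, ports = parse_ace(line)
        if a_proto not in ("ip", proto):
            continue
        if a_src not in (None, src) or a_dst not in (None, dst):
            continue
        if ports and not ports[0] <= dport <= ports[1]:
            continue
        return action
    return "deny"  # implicit deny at the end of every applied ACL

if __name__ == "__main__":
    flows = [("udp", "10.0.5.2", "10.0.5.200", 5005),  # host2 -> host1, in range
             ("tcp", "10.0.5.2", "192.0.2.80", 443),   # host2 -> lower-security side
             ("tcp", "10.0.5.2", "10.0.5.200", 22)]    # host2 -> host1, other port
    for name, acl in (("posted", POSTED), ("naive", NAIVE), ("fixed", FIXED)):
        print(name, [evaluate(acl, *f) for f in flows])
```
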