Cisco PIX 501 - TechRepublic
General discussion
December 19, 2003 at 04:05 PM
mart h

Cisco PIX 501

by mart h . Updated 22 years, 4 months ago

Being a newbie to the pix 501 I am trying to implement a rule set that allows access to ftp and denys all other protocols.

I have config’d nat and a global pool for internal and external hosts, set the relevant rules
– allow inside, outside for ftp

and then established a clean up rule
– deny ip any

The result of this blocks all traffic including ftp

I assume that the pic processes rules in order then branches when it hits an accept rule avioding the clean up rule… am I right or wrong?

can anyone suggest ‘the correct’ rule config to fix the problem or at least offer any explanation why the simple ruleset may not work

This discussion is locked

All Comments