Hello Scott:

> -----Original Message-----
> From: Scott Granados [mailto:gsgrana...@comcast.net]
> Sent: Thursday, July 30, 2009 3:50 PM
> To: Michael K. Smith - Adhost; cisco-nsp@puck.nether.net
> Subject: Re: [c-nsp] problem creating a static on Pix
> 
> Cool, this really helps.
> 
> I also have an acl applied to the inside interface.  Would I have to
> add the inside IP to that ACL as well, is this a bidirectional arrangement?
> 

The inside ACL is just for traffic originating from the 10. network.
Anything coming inbound will be allowed back out according to its
presence in the state table.  However, if you want to originate a
connection from the inside on port 80 or 443, as an example, those would
have to be added as such:

access-list acl-inside permit tcp host 10.x.x.77 any eq 80

Regards,

Mike
_______________________________________________
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
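
A small Python model of the behaviour described in the reply above, added here as an illustration; it is not part of the original thread and not PIX code. The class, function names and addresses are constructed for the example, and NAT/static translation and the outside ACL are not modelled.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class Firewall:
    def __init__(self, inside_acl):
        # inside_acl: set of (source host, destination port) permits;
        # anything not listed falls through to the implicit deny.
        self.inside_acl = inside_acl
        self.state = set()  # connections keyed as (initiator, port, responder, port)

    def inbound_established(self, pkt):
        """Record a connection from outside that was already permitted inbound."""
        self.state.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))

    def from_inside(self, pkt):
        """Decide on a packet arriving on the inside interface."""
        # Reply to an existing connection: matched in the state table,
        # so the inside ACL is never consulted.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.state:
            return "permit (state table)"
        # New connection originated from inside: must match the inside ACL.
        if (pkt.src, pkt.dport) in self.inside_acl:
            self.state.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "permit (acl-inside)"
        return "deny (implicit deny)"

HOST = "10.0.0.77"        # constructed stand-in for the thread's 10.x.x.77
CLIENT = "203.0.113.5"    # constructed outside client
SERVER = "198.51.100.10"  # constructed outside web server

def demo():
    # Equivalent of the single ACL line in the reply: permit tcp host HOST any eq 80
    fw = Firewall(inside_acl={(HOST, 80)})
    fw.inbound_established(Packet(CLIENT, 40000, HOST, 80))
    return [
        fw.from_inside(Packet(HOST, 80, CLIENT, 40000)),   # reply to inbound connection
        fw.from_inside(Packet(HOST, 50000, SERVER, 80)),   # new outbound, port 80
        fw.from_inside(Packet(HOST, 50001, SERVER, 443)),  # new outbound, 443 not in ACL
    ]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The third verdict shows why port 443 needs its own permit line in the inside ACL if the host is to originate HTTPS connections.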