--On Saturday, July 07, 2001 3:35 AM -0500 Ron DuFresne
<[EMAIL PROTECTED]> wrote:
>
> The pix reorders or 'optimizes' certain types of rulesets then? Tghis is
> interesting, and something I'm not used to having 'done for me'.
The old "outbound" syntax was most specific match. Sort of like longest
match for routes. It was rather confusing, and badly documented (at first -
the docs improved in later revisions). It is now deprecated, and Cisco
recommends that everyone use access lists instead.
Of course, if you use access lists, make sure you're running 6.0+ or can
deal with the logging bugs in 5.x (which may or may not be fixed in the ssh
bugfix release due out in august).
--
Carson Gaspar - [EMAIL PROTECTED]
Queen Trapped in a Butch Body
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
