Many thanks to all the responses.

From URLs, individual and list posts, this is what I learnt:

(1) FW1: According to many posts and the "Checkpoint QuickStart FW guide Chap 1 p3-4", traffic will pass during this (no rules defined) phase if (1) IP Forwarding & (2) Connectivity between hosts has been established, & (3) The drop rule has not yet been put into place.

(2) PIX: By default all outbound traffic is allowed to pass from the internal network, and all inbound traffic to the internal network is dropped. This is because PIX uses an ASA (Adaptive Security Algorithm) allowing connections from a higher security interface (e.g. internal network) to a lower (external). On the flip side, the low to high interface (external > internal) is always denied except when configured.

Again, thanks for all the feedback and comments.
