PIX 525 that is doing NAT, ACL's and IPSec tunnels
Posted on 2004-10-07
If the client is terminating IPSec tunnels on the PIX. Will traffic still need to meet ACL criteria to be passed to the
trusted side of the PIX? The reason that I am asking is because of the way they have their PIX configured. This is not a
question about setting up an IPSec tunnel as much as the flow of the traffic. This tunnel is passing traffic. So what I want to verify is after the tunnel has agreed upon parameters and before traffic begins to flow, will it need to pass through the access-list acl_out before going to the trusted side?