Multiple PIX with Access-list
Posted on 2006-06-28
Here is the scenario:
All the hosts on the DMZ have PIX2 as their gateway.
PIX1 will allow access to the Internet from the DMZ.
PIX2 has deny any any on the DMZ interface.
PIX2 has a route as follows:
0000 0000 PIX1 gateway.
Now a host on the DMZ wants to access the Internet. Do I need to allow access on PIX2?
The host traffic will hit the PIX2 DMZ interface, then the default route will direct it to PIX1.
To do this, does PIX2 need to have the access rule, or will it forward the traffic without an access rule?
However, there is a default deny any any on the DMZ interface of PIX2.