ACL question

If I explicitly let traffic leave my PIX (from the inside to outside), is that traffic allowed back in (via the state table), even if I have an ACL that explicitly denies it on the outside int?
WERAracer asked:
Jan Springer commented:
Cisco access-lists are implicit deny when not specified. So, yes, it shouldn't be a problem if it's a 'deny any any'.
0
 
stsonline commented:
The outside deny statement will be bypassed for traffic initiated on the inside since they consider an established connection as allowed.
0
Question has a verified solution.
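
The behaviour described in the answers above, as an added example that is not part of the original thread and is not PIX code: a simplified Python model in which inbound packets are matched against the connection table before the outside ACL is consulted. The class names, addresses and ports are constructed for illustration.

```python
# Simplified model of stateful filtering (added example; not PIX code).
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

class StatefulFirewall:
    def __init__(self, outside_acl):
        # outside_acl: ordered list of (action, predicate); first match wins.
        self.outside_acl = outside_acl
        self.conn_table = set()  # flows opened from the inside

    def outbound(self, pkt):
        """Inside -> outside: permitted, and the flow is recorded."""
        self.conn_table.add(pkt)
        return "permit (new connection)"

    def inbound(self, pkt):
        """Outside -> inside: state table first, outside ACL second."""
        # A reply has source and destination swapped relative to the original.
        original = Packet(pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        if original in self.conn_table:
            return "permit (established)"
        for action, matches in self.outside_acl:
            if matches(pkt):
                return f"{action} (acl)"
        return "deny (implicit)"

def demo():
    # Constructed sample: explicit "deny ip any any" on the outside interface.
    fw = StatefulFirewall([("deny", lambda p: True)])
    inside_host, web = "10.0.0.5", "198.51.100.10"
    results = [fw.outbound(Packet(inside_host, 40000, web, 80))]
    # Reply from the web server to the same ports: matches the state table.
    results.append(fw.inbound(Packet(web, 80, inside_host, 40000)))
    # Same server, different destination port: no state entry, ACL denies.
    results.append(fw.inbound(Packet(web, 80, inside_host, 40001)))
    # Unsolicited connection from another host: ACL denies.
    results.append(fw.inbound(Packet("203.0.113.7", 5555, inside_host, 22)))
    return results

if __name__ == "__main__":
    for line in demo():
        print(line)
```

Only the packet that mirrors a flow opened from the inside is permitted; everything else still hits the outside deny.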