An Outside User Attempts To Access An Inside Host - Cisco PIX 500 Series Configuration Manual
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Chapter 15
Firewall Mode Overview
5.
6.
An Outside User Attempts to Access an Inside Host
Figure 15-11
Figure 15-11
The following steps describe how data moves through the security appliance (see
1.
2.
3.
4.
OL-12172-03
If the destination MAC address is not in the security appliance table, the security appliance attempts
to discover the MAC address by sending an ARP request and a ping. The first packet is dropped.
The web server responds to the request; because the session is already established, the packet
bypasses the many lookups associated with a new connection.
The security appliance forwards the packet to the outside user.
shows an outside user attempting to access a host on the inside network.
Outside to Inside
Host
Internet
209.165.201.2
Management IP
209.165.201.6
A user on the outside network attempts to reach an inside host.
The security appliance receives the packet and adds the source MAC address to the MAC address
table, if required. Because it is a new session, it verifies if the packet is allowed according to the
terms of the security policy (access lists, filters, AAA).
For multiple context mode, the security appliance first classifies the packet according to a unique
interface.
The packet is denied, and the security appliance drops the packet.
If the outside user is attempting to attack the inside network, the security appliance employs many
technologies to determine if a packet is valid for an already established session.
Host
209.165.201.3
Cisco Security Appliance Command Line Configuration Guide
Transparent Mode Overview
Figure
15-11):
15-15
Advertisement
Table of Contents
Troubleshooting
