How do you implement a packet filter that distinguishes following cases and selects first case and rejects second case. 1. A host inside the corporate n/w makes a ftp request to outside host and the outside host sends reply. 2. A host outside the network sends a ftp request to host inside. for the packet filter in both cases the source and destination fields will look the same.

Showing Answers 1 - 1 of 1 Answers


  • Jun 9th, 2007

We can implement the above situation if we have a global-nat statement configured on the firewall. This way, we would differentiate the security levels between inside and outside and would permit free flow only from inside to outside. To initiate a tcp connection from outside, we would need to permit it using an access-list.

  Was this answer useful?  Yes

Give your answer:

If you think the above answer is not correct, Please select a reason and add your answer below.


Related Answered Questions


Related Open Questions