Implicit Behavioral Differences

From DocWiki

(Difference between revisions)
Jump to: navigation, search
(New page: ==Implicit Behavioral Differences== The following table lists the implicit behavioral differences between FWSM and ASA. {| class="wikitable" |- !'''Implicit Behavior''' !'''Behavior in FW...)
Line 1: Line 1:
==Implicit Behavioral Differences==
==Implicit Behavioral Differences==
The following table lists the implicit behavioral differences between FWSM and ASA.
The following table lists the implicit behavioral differences between FWSM and ASA.
-
{| class="wikitable"
+
{| border="1" cellpadding="2"
-
|-
+
!width="250" align="left" style="background:#99CCFF;" |'''Implicit Behavior'''
-
!'''Implicit Behavior'''  
+
!width="450" align="left" style="background:#99CCFF;" |'''Behavior in FWSM'''
-
!'''Behavior in FWSM'''  
+
!width="250" align="left" style="background:#99CCFF;" |'''Behavior in ASA'''
-
!'''Behavior in ASA'''  
+
|-
|-
| Implicit Deny
| Implicit Deny

Revision as of 20:44, 28 August 2009

Implicit Behavioral Differences

The following table lists the implicit behavioral differences between FWSM and ASA.

Implicit Behavior Behavior in FWSM Behavior in ASA
Implicit Deny Implicit deny between all interfaces. Implicit permit from high security to low security interfaces.
ICMP to-the-box deny Implicit ICMP deny to the interface. Implicit permit.
NAT matching for statistics Static NAT and static PAT (regular and policy static command) -- Best Match. In the case of overlapping address in the static statements, a warning is displayed, but they are supported. The order of static commands does not matter; the static statement that best matches the real address is used. Static NAT and static PAT (regular and policy static command) -- In order until the first match.

Rating: 5.0/5 (1 vote cast)

Personal tools