Implicit Behavioral Differences

From DocWiki

Revision as of 20:34, 28 August 2009 by Lorlando (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Implicit Behavioral Differences

The following table lists the implicit behavioral differences between FWSM and ASA.

Implicit Behavior Behavior in FWSM Behavior in ASA
Implicit Deny Implicit deny between all interfaces. Implicit permit from high security to low security interfaces.
ICMP to-the-box deny Implicit ICMP deny to the interface. Implicit permit.
NAT matching for statistics Static NAT and static PAT (regular and policy static command) -- Best Match. In the case of overlapping address in the static statements, a warning is displayed, but they are supported. The order of static commands does not matter; the static statement that best matches the real address is used. Static NAT and static PAT (regular and policy static command) -- In order until the first match.

Rating: 0.0/5 (0 votes cast)

Retrieved from "http://docwiki.cisco.com/wiki/Implicit_Behavioral_Differences"
Personal tools