Hello,
i have a PIX 506E which handles different VPN-Connections to different partners. All VPN-connetctions are side to side networks, on the remote side therer are differnt VPN-devices.
I have a problem with the access rules. On one remote side there is also a PIX506E. I allowed only icmp to one host from outside to inside but it is also possible to built tcp connections to this host (and i see them in syslog) although there is no access-rule allowing this.
It is only in that case where on the remote side is a PIX 506E. All other configs work fine and only conntections i allowed are possible. I don't the config of this remote PIX.
Has anybody an idea why this conntections are possible, allthough i dindn't allow them on my side.
Thanks
Thomas