https://community.cisco.com/t5/network-security/pix-6-2-sysopt-route-dnat/m-p/874060#M973349 <HTML><HEAD></HEAD><BODY><P>It was depreciated and long ago:</P><P>" ..The following commands are no longer used to configure the firewall: sysopt route dnat, sysopt security fragguard, fragguard, and session enable.</P><P></P><P>The sysopt route dnat command is ignored, starting in PIX Firewall software Version 6.2. Instead, overlapping configurations (network addresses and routes) are automatically handled by outside NAT. .."</P><P></P><P>from Cisco PIX Firewall Command Reference, Version 6.3</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/intro.html" target="_blank">http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/intro.html</A></P><P></P><P>Regarding the second question - hardening against what ?</P><P>More info would help.</P></BODY></HTML> Sun, 21 Oct 2007 17:39:13 GMT yuri_slobodyanyuk 2007-10-21T17:39:13Z https://community.cisco.com/t5/network-security/pix-6-2-sysopt-route-dnat/m-p/874059#M973347 <P>Hi,</P><P></P><P>I cannot find this command sysopt route dnat in Pix 7.1. Any idea is this command deprecated or enable by default.</P><P></P><P>Are there any new commands that should be considered for hardening of Cisco PIX firewalls? </P><P></P> Mon, 11 Mar 2019 11:28:12 GMT https://community.cisco.com/t5/network-security/pix-6-2-sysopt-route-dnat/m-p/874059#M973347 wanhwai 2019-03-11T11:28:12Z https://community.cisco.com/t5/network-security/pix-6-2-sysopt-route-dnat/m-p/874060#M973349 <HTML><HEAD></HEAD><BODY><P>It was depreciated and long ago:</P><P>" ..The following commands are no longer used to configure the firewall: sysopt route dnat, sysopt security fragguard, fragguard, and session enable.</P><P></P><P>The sysopt route dnat command is ignored, starting in PIX Firewall software Version 6.2. Instead, overlapping configurations (network addresses and routes) are automatically handled by outside NAT. .."</P><P></P><P>from Cisco PIX Firewall Command Reference, Version 6.3</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/intro.html" target="_blank">http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/intro.html</A></P><P></P><P>Regarding the second question - hardening against what ?</P><P>More info would help.</P></BODY></HTML> Sun, 21 Oct 2007 17:39:13 GMT https://community.cisco.com/t5/network-security/pix-6-2-sysopt-route-dnat/m-p/874060#M973349 yuri_slobodyanyuk 2007-10-21T17:39:13Z