https://community.cisco.com/t5/network-security/2-different-blocking-devices/m-p/539255#M98510 <P>Router--FW-DMZ-PIX--Interal Network</P><P></P><P>I have a UDS 4215 to monitor all traffic to/from internal Network &amp; use PIX as blocking device</P><P>Now I would like to monitor all traffic in DMZ and use router as blokcing device</P><P></P><P>May I do that?</P><P></P><P>Thanks </P><P></P><P></P><P></P><P></P><P> </P> Sun, 10 Mar 2019 10:00:05 GMT logintck 2019-03-10T10:00:05Z https://community.cisco.com/t5/network-security/2-different-blocking-devices/m-p/539255#M98510 <P>Router--FW-DMZ-PIX--Interal Network</P><P></P><P>I have a UDS 4215 to monitor all traffic to/from internal Network &amp; use PIX as blocking device</P><P>Now I would like to monitor all traffic in DMZ and use router as blokcing device</P><P></P><P>May I do that?</P><P></P><P>Thanks </P><P></P><P></P><P></P><P></P><P> </P> Sun, 10 Mar 2019 10:00:05 GMT https://community.cisco.com/t5/network-security/2-different-blocking-devices/m-p/539255#M98510 logintck 2019-03-10T10:00:05Z https://community.cisco.com/t5/network-security/2-different-blocking-devices/m-p/539256#M98513 <HTML><HEAD></HEAD><BODY><P>Hi .. definetely ... with IPS you can use a PIX, Router and CAT 6500 as blocking devices. Just locate the sensor in oine between the DMZ interface and the servers located on teh DMZ segment and configure the router as blocking device !!!.</P><P></P><P></P><P>you can find info on this link</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a00803eb01e.html#wp1030293" target="_blank">http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a00803eb01e.html#wp1030293</A></P><P></P><P>I hope it helps .. please rate it it does !!!</P><P></P></BODY></HTML> Wed, 03 May 2006 04:52:08 GMT https://community.cisco.com/t5/network-security/2-different-blocking-devices/m-p/539256#M98513 Fernando_Meza 2006-05-03T04:52:08Z https://community.cisco.com/t5/network-security/2-different-blocking-devices/m-p/539257#M98515 <HTML><HEAD></HEAD><BODY><P>May I do this?</P><P>Using Router as block device to protect DMZ only</P><P>and</P><P>Using PIX as block device to protect Internal network only </P><P></P><P></P></BODY></HTML> Wed, 03 May 2006 05:13:10 GMT https://community.cisco.com/t5/network-security/2-different-blocking-devices/m-p/539257#M98515 logintck 2006-05-03T05:13:10Z https://community.cisco.com/t5/network-security/2-different-blocking-devices/m-p/539258#M98516 <HTML><HEAD></HEAD><BODY><P>logintck</P><P></P><P>Yes you can.</P><P>You need to define two blocking profile in case the pix and router have diferent users names and password. If are the same, only one profile is necesary.</P><P></P><P>Then define 2 blocking devices</P><P></P><P>At last define only the routing blocking device indicating name of interface, direction and pre and post ACL (optional)</P><P></P><P>The pix doesn't need to be defined as blocking device because the IPS use the shun command.</P><P></P><P>I hope this help to you. </P><P></P><P>Alberto Giorgi from spain. (A new kid in this block)</P></BODY></HTML> Wed, 03 May 2006 21:11:02 GMT https://community.cisco.com/t5/network-security/2-different-blocking-devices/m-p/539258#M98516 a.giorgi 2006-05-03T21:11:02Z