Network Security

Pix - Redundant Internet Connections.

Ok, I realize you can't do this with just the pix alone, the best config I could come up with was 3 1720's in front of the pix doing some funky natting. One for the pix and one for each internet connection.These connections are from different ISP's.C...

PIX TCP sequence numbers checking and stateful failover performance

Hi!PIX Admin. guide says: "The PIX Firewall checks TCP sequence number andensures that it fits within an acceptable range".The questions are:- does the PIX really do this?- does "acceptable range" mean "within the window, but out-of-order TCPsegments...

Pix 501:Can I use a Pix 501 to study for CCIP

I've been trying to find out if the Pix 501 is similar to the other Pix versions so I could study using it.

PIX Static NAT issue

My inside network uses a NAT pool to go to the Internet. However I have an external site which will only allow access from a predefined address. How do I allow all users going to this one external address use the same (predefined) address and the n...

PIX system logs.

Does the pix log traffic in some buffer internally that I can look into or Do I need to configure logging and point it to a syslog server.If we need to do the second part Will it affect our utilization or what percentage will it add on our utilizati...

Cable Modem + Router + Pix

Dear All,Here's my problem:I have a cable ADSL modem supplied by my ISP.The ethernet cable is connected to ethernet 0 in my cisco 2621.Router Ethernet 1 is directly connected to ethernet 0 (outside) of my pix 506EPix's ethernet 1 (inside) is connecte...

Which PIX firewall ?

We have a client with a network of about 50 users. The client is connected to the net through DSL and has given access to about 25 users of the same for mailing or browsing. The client wants a basic security implementation as they fear that their sit...

PIX DMZ to inside

Running PIX 515 with one DMZ. Problem is I cannot initiate any sessions from the DMZ side. Ping is the really strange one. I cannot ping from the DMZ to inside, the packets do not hit the debug packet dmz. Packet sniffer shows the requests being...

SNMP monitoring: traps or thresholds?

I'm in the process of deploying an SNMP infrastructure for our network using OpenNMS, and am wondering if I should use either traps or thresholds (or both?) to detect Cisco events such as high router/switch temperature, high CPU usage, etc. I've alw...

Pix Firewall 515

How do I erase the configuration, and rebuild the Firewall?

NTP and PIX 501

Can you sync time on a PIX 501 (v6.1) with a NTP server? If so, what is the command? Thanks,Rick

PIX firewall 'clear xlate' command

From the PIX firewall documentation, it was mentioned that the "clear xlate"command should be used after changing or removing the alias, access-list,conduit, global, nat, outbound, and static commands.Question: Does this command clear (or refresh) th...

VMS 2.1 IDS MC & VPN Routers MC Device Import Error

Just installed standalone vms 2.1 and attempted to import devices into IDS MC and VPN Routers MC, but I get errors. The IDS MC error I get is importing configuration files from the sensor Could not find version instring "Unknown version". I followe...

Win2000 client with smart-card auth on pix

Hi, is it possible to use a smart-card (or token, like aladdin e-token) to authenticate a vpn on a pix using the default VPN client (l2tp/ipsec) coming with windows2000/xp ?It seems that EAP support is required and then smartcard/token auth is possib...

Network Security

Forum Posts

Pix - Redundant Internet Connections.

PIX TCP sequence numbers checking and stateful failover performance

Pix 501:Can I use a Pix 501 to study for CCIP

Pix 501:Can I use a Pix 501 to study for CCIP

PIX Static NAT issue

PIX system logs.

Cable Modem + Router + Pix

Which PIX firewall ?

PIX DMZ to inside

SNMP monitoring: traps or thresholds?

Pix Firewall 515

NTP and PIX 501

PIX firewall 'clear xlate' command

VMS 2.1 IDS MC & VPN Routers MC Device Import Error

Win2000 client with smart-card auth on pix

Hearty congratulations to the December Spotlight Award winners!

Renew.cisco.com just got refreshed, and it will make your life easier!

Announcing Resources That Guide You to Success

Cisco FTD send RST when dropped by Snort / IPS

Firepower 7.2.1 - Issue with the FlexConfig Text object override

Re: FMC is disabled in System>Health>Monitor

Private VLAN's interaction with ESXi and firewall

Packets appearing in ASP DROP?

vFMC setting with bugsssss

FMCv upgrade path from v7.1.0

FMC new local admin cannot console or SSH

FMC API - can not associate a prefilter policy to an access policy

What is the result of placing, on ASA outside int, ACL...