Network Security

While working with a network mapping tool called Intermapper our PIX was pushed to 100% CPU while filling the log with this message excessively: Denied ICMP type=3, code=3 from 144.bbb.ccc.dd on interface 3Output packets on interface 3 (facing this I...

Hi All,Could somebody advice me any tips and tricks to handle the following signaturs or any extra information to handle these. What are the measures that can be take to control the below list of signatures. I know there are inormation on the NSDB, I...

Hi! Good day to everyone.I have recently installed a Cisco PIX firewall and for firewalling purposes now wants to configure a client VPN connection from the outside using MS PPTP. The configurations for the client VPN are ok as I double checked it. A...

I'm not familiar with Cisco configuration but need to open firewall ports. Here is what I've done, but not sure if it is correct. Do I need to add more or am I off in left field somewhere?access-list ACL_in permit tcp any host 66.37.xxx.xxx eq 1025...

Here is the scenario:FR - Remote -----FA - 1760----LAN -PIX?---Internet | | | 3COM LAN SwitchI have a client that has this existing scenario, with a 1760 FE configured to the Fram...

Just managed to lock myself out of a 501; no console access, no pdm access, and no telnet/ssh access. Went through the whole password recovery routine, but in that mode, the PIX could not even ping its own inside interface. You can already guess that...

I have noticed since i have been using PIX that they tend to drop the rsa keys used for SSH auth with no particular reason.I have tried ca save all but it still drops it from time to time.any ideas?cheers

Dear All ,i have 2 isp s .so they provide me total 12 addresses.. each 6 . now my query is i want to utilise these 12 ip addresses properly. can anybody give me best configuration.. is load balance possible between these two ISP sThanks in advanceNat...

Hi We are using Cisco 3005, ver 4.17, setup vpn lan to lan to checkpoint NG box in the vendor company. By the vendor, have to NAT private ip to the public ip for local network ip in lan to lan setup. We setup NAT rule with static NAT, enter source i...

I have created a custom signature with idsmc 2.01 and during the creation it asked for a name. I entered the name that I wanted to use for the signature but when I received an event for the signature in SecMon, the name that appeared was the default ...

Sorry about this guys but I'm pretty new at this.I'm trying to upgrade the os from 5.2 to 6.3 but everytime I attempt to reload my telnet session drops and I can't get back into the pix until it's totally rebooted. Then I'm right back where I starte...

Dear all ,im getting this message repeatedly..in my pix syslog 2005-02-28 15:05:12 Local4.Error 172.16.1.39 Feb 28 2005 02:29:01: %PIX-3-305005: No translation group found for tcp src dmz1:10.64.1.34/51159 dst outside:10.0.67.102/8080since one month ...

I am having trouble allowing one C Class of addresses access over port 25 to my mail server from outside. I have Web and FTP working on the DMZ out just fine but SMTP from outside to inside, no go. I created a static route for translation between t...

Hi,I am testing IPSEC/L2TP from a windows client to a PIX 501.The IPSEC portion is working fine on phase 1 and 2 and the PIX is seeing and decrypting IPSEC traffic.However its not allowing the L2TP bit and hence user authentication to happen and i ca...

Hi all, I have problem config the ftp server , since i want config a ftp server allow outside clients the access ftp server , i just open the port 21 in access-list , but when i try to using browers eg. IE to connect my ftp server , when input login ...