Network Security

This really shouldn't be giving me this much trouble...This morning I started seeing hundreds of the following log entry (destination port number differs, but the rest is the same):Deny udp src outside:ns1_isp/53 dst inside:pix_ext/xxxxx by access-gr...

I have recently installed a PIX 501 at my company. The pix is active and working perfectly for about ten miniutes. After that all communicationon to the internet is stopped. When I console into the PIX I can ping the router and the rest of the net, b...

OK, I am trying to add another static NAT mapping. Prior to today, we have been using PAT for all our internal addresses, except for 1 mail server that is statically mapped to 1 public address (different, of course, than the PAT public address). No...

They come from the internet through our T1, go through the PIX, and hit our PC via Terminal Services and are able to connect ok. They then bring up the Cisco VPN Client to connect out to a VPN concentrator via the same T1 they came in on. This VPN co...

I have 2 Internet connections via 2 different routers and 2 different ISPs. One is significantly faster than the other. I would like to setup the faster link to be the primary Internet connection and then autmotically failover to the slower link wh...

On most competitors deivces, you can express an ACL entry as a URL in addition to expressing it as an IP address, and have the URL entry resolved via DNS (on the firewall).For example, if I want to permit access to FTP.NAI.COM, which has 4 possible d...

I' ve got 2 PIX, one PIX515, and one PIX515E. I don't know if it's possible to connect them to use the failover.And if it's possible, have you some tips to do that.THANKS

We have a PIX 515 FOS 6.3(3 with three interfaces We need a few of the workstations in the DMZ to be able to login(domain) to a DC in the trusted inside interface of the pix (higher security level)Any pointers on how to set this up would be deeply a...

I am trying to configure Telnet traffic to be a priority over all other traffic. If necessary it is ok to drop packets related to all other traffic. I have tried several QoS techniques, but during times of extreemly high amounts of traffic telnet r...

Hi,Cisco have sent me a PIX 501 to replace an existing item as part of the RMA process however.1. The new item does not have VPN-3DES enabled2. The old 501 has ports set to 100Full and auto and the new Cisco sent PIX will only let me set the ports to...

we are using the LMS for our core and edge switches management and supposed to be the PIX 515 as well.. I wonder if LMS can do the management for PIXes( configurations etc.)Thanks a lot

I would like know 3 things:-How to upgrade the version of my PIX 515E. It's a 6.3.1, and I want to have the 6.3.2. I've got the file pix632.bin, but I don't know how to flash the BIOS, which commands, and if I have to reboot the PIX.-How to backup a ...

Hi,I need to allow instant messenging through a pix, does anyone have a list of ports required to be open for the various instant messengers?

Dear All,Need help for configuring PIX 501.We have a PIX 501 firewall In which we want to open only ports 389 and 1419, 1460 on the firewall and block telnet and ftp applications.What will be the sample config.Our internal network is 192.168.2.0Regar...