Is there a substantial security difference between using reflexive ACLs for IP session filtering in IOS and the stateful firewall technology of the PIX? Thanks,RJ
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(85) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,552) -
Cisco Bugs
(36) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(143) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(15) -
Cisco Secure Firewall Management Center (FMC)
(80) -
Cisco Secure Firewall Threat Defense (FTD)
(108) -
Cisco Security Cloud Control
(5) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(18) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(45) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(259) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(28) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,574) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(321) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(91) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,569) -
NGIPS
(1,873) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,775) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(7) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(632) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(43) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
I have a customer with PIX firewalls at three locations. They use a proprietary program that sends information between the stores every night using the "blast" protocol on port 1200. Since I installed these PIX firewalls, they can no longer transfer...
Hi, Am upgrading the 6.1 to 6.23 on PIX 525 , and am getting error monitor> interface 10: i8255X @ PCI(bus:0 dev:14 irq:10)1: i8255X @ PCI(bus:0 dev:13 irq:11)2: i8255X @ PCI(bus:1 dev:0 irq:11)3: i8255X @ PCI(bus:1 dev:1 irq:10)4: i8255X @ PCI(bus...
This is an ez question I know, but, I still would like guidance before I proceed.I have What's up Gold 8.0 installed on a monitoring station. If I install CW 6.0 onto the same station will it seamlessly integrate itself with WUG 8.0? Or, do I need to...
Hi ,i am trying to copy the config from the pix firewall to a tftp server.i define the tftp srever and the pix is able to communicate with tftp server.tftp-server inside 172.16.4.132 software/cisco/ciscoas5350the following is the error message i am ...
HelloI have a PIX 515E-UR with software version 6.3. After saving my configuration, the firewall displayed the following message :Watchdog timeout failure! Please contact customer support. PC SP STATE Runtime SBASE Stack P...
1) Is there any anti-spoofing feature on PIX firewall ?2) If implemented, how are they implemented ? Is it implemented by default ? And how do you control the anti-spoofing rules ?3) If implemented, are they implemented at layer 1 or layer 2 or only ...
The following is part of my configuration:access-list 101 permit tcp any host xxx.xx.xxx.36 eq 5900 global (outside) 1 xxx.xx.xxx.37-xxx.xx.xxx.38static (inside,outside) tcp xxx.xx.xxx.36 5900 192.168.100.253 5900 netmask 255.255.255.255 0 0access-gr...
Hi,I have suddenly started to get the following error message when trying to run PDM from my PC to our PIX 515e Firewall.'Your PIX image has a version number of unknown. This version of PDM will only interoperate with versions that start with 6.0 or ...
Hello all,I am having a problem with the dmz on the PIX. All connections to the DMZ from the outside work correctly.However when I try to access our webserver on the DMZ from the inside.. Everything slows to a crawl. It can take up to 3-5 minutes to ...
I've downloaded the CiscoWorks Security Suite 90-day Eval, but it does not come with an eval license for the CSA suite. The documentation said I had to request one, how is this done? Online? Through a Cisco rep?
After installing a PIX 501 Firewall at a client, they are complaining that when they send e-mail from Outlook Express 6 that a message displays for 30 - 60 seconds stating that is Connecting to the Server. The e-mail does send correctly after this d...
Hi,Is it possible to set the MTU for a PIX Ethernet interface to a value greater than 1500 ?I know that it will allow me to do it in the PIX software but the documentation says that the Max. Value is 1500 for Ethernet Interfaces ?Which one is True ? ...
hello,i have a pix 520, and when he start, he do some checkings , fire a error, and restart. If i boot from a floppy, he say that flash is obsolete, can i do something???here are the outputs:Finesse Bios V3.3Booting Floppy...............................
Hi,When i attempt to upgrade the PIX Software, on my "PIX Classic Firewall"i get the below error. Do i need to change any Dip switch settings on the Flash card (ISA)?I get the below error when i boot of the boothelper disk.I have a 2MB Flash card. I ...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 10-30-2025 04:25 AM | ||
| 10-23-2025 07:14 AM | ||
| 10-21-2025 08:39 AM | ||
| 10-20-2025 12:53 PM | ||
| 07-16-2025 04:21 AM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 8 | |
| 7 | |
| 2 | |
| 2 | |
| 1 |
