Network Security

Engage with peers and experts on network security topics such as FTD, FMC, FDM, CDO and ASA.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

“Join

 
Labels

Forum Posts

I want to allow inside users to access internet(outside) unrestrictedly. but I need to restrict inside users's access to dmz. But default PIX allow all from high security to low security.

We have 2 PIX 515s, each with 4 ifs - outside, inside, dmz, and private connected between the two. If we run the primary PIX by itself, it works fine. When we connect the secondary and bring it up, both may work for a while, but then it will hang. An...

dadams by Level 1
  • 1350 Views
  • 3 replies
  • 0 Helpful votes

I am setting up a Pix 515 to a client that has cable Internet access. They have 1 IP address assigned to them that I will be using on the Outside (eth0) interface. I have researched PAT on CCO and other resources and it seems that I cannot use this ...

asafayan by Level 4
  • 1449 Views
  • 2 replies
  • 0 Helpful votes

Hi,Is there a command line for PIX 515-UR v6.1 Firewall to send the syslog trap to multiple workstations (trap destinations). These destinations are on the same local subnet. If so, please provide a detail command line so I can test with. Thank yo...

titansae by Level 1
  • 1581 Views
  • 5 replies
  • 0 Helpful votes

I have upgraded to CSPM 2.3.2f (actually a fresh install), rebuilt my topology, setup my static mapping, NAT, globals, etc. I then recreated my policies for access to the mail and dns servers - exactly the same as they were in CSPM 2.2. Unfortunatel...

rsmith by Level 1
  • 1426 Views
  • 2 replies
  • 0 Helpful votes

some of our pc's need to run winipcfg every now and tehn when they can't get on the internet. after that they can pass through the pix po problem, but without releasing and renewing the winipcfg info they are stuck on the local segment. any suggest...

Does PIX firewall run tranperant mode with user by default. I mean that does PIX firewall open all the Internet port ? and can we deny by the domain name?

kvbien by Level 1
  • 1481 Views
  • 1 replies
  • 0 Helpful votes

I have two dns servers (win2k), one hosts primary zones (outside) and the other hosts secondary zones(dmz). I am unable to get them to transfer zones between the primary and secondary server. I get a "denied" error message in the event logs (NT) on t...

davidpe by Level 1
  • 1390 Views
  • 2 replies
  • 0 Helpful votes

Hi,I put 2 PIX in stateful failover and did a simple test : during the download of a big file with FTP, I shutted down the master. The second PIX took the connection and the FTP resumed. I powered on back the master and after several seconds I manual...

jsteunou by Level 1
  • 1319 Views
  • 1 replies
  • 0 Helpful votes

Hi,I´m a little bit confused about acccess-lists on the ix.My questions:a) Does an access-list on an inside (higher security interface contain a implicit (not viewable) "deny any any" statement?b) Assume IPSEC clients are terminated on the outside i...

aalbler by Level 1
  • 1625 Views
  • 3 replies
  • 0 Helpful votes

I'm installing a firewall for a WISP and am trying to find a list of limitations of using PAT on the PIX525. The safe decision is NAT however, many public IP's are needed. If I choose PAT, how am I limiting Internet access?

doxford by Level 1
  • 1952 Views
  • 3 replies
  • 0 Helpful votes

If the PIX is setup with a failover then afetr a defined poll interval if any of the links of the active PIX goes down , then the failover detects this and takes over as the Active.Is there any configuration by which i can restrict this to some of th...

Review Cisco Networking for a $25 gift card