Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
818
Views
0
Helpful
2
Replies

fragmenteted packet through PIX

g.rodegari
Level 1
Level 1

‎07-31-2002 03:58 AM - edited ‎02-20-2020 10:11 PM

Hi,

my question is:

- How PIX works normally with fragmented packets? reley these, blocks, discards or reassebles?

- And what changes if I type: "sysopt security fragguard"?

THX,

Graz

0 Helpful
2 Replies 2

yusuff
Cisco Employee
Cisco Employee

‎07-31-2002 10:14 PM

Following link explains your queries regarding default action for fragmented packets arriving on PIX.

In order to manage fragmented packets arriving on PIX which are legitimate, you need to configure the 'fragment' command on PIX.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/df.htm#xtocid15

Using the 'sysopt security fragguard' protects the PIX against IP fragment style attacks recommended in RFC 1858 against the many others: eg teardrop, land, etc.

HTH

R/Yusuf

0 Helpful

g.rodegari
Level 1
Level 1

‎07-31-2002 10:47 PM

Thanks!

Graz.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card