I'm assuming (perhaps wrongly) that the pix silently drops connections denied via access rules. Is there a way I can selectively drop packets on the PIX and send a TCP reset or ICMP dst unreachable reply. I'm hoping by adding a little something to the ACL entry, like "with-reset" or whatever.
Thanks.