Is there a way to set a privilege level so a user can only work with access-lists on a router. I want the user to only be able to add/change/delete access-lists but no other commands: reload, shutdown, snmp, etc...Thanks,
We have already a public address range configured on the outside interface (213.XX.YY.ZZ/29). Our provider has assigned us a new range of public addresses (62.XX.YY.ZZ/29).How can i configure this on the PIX ?PS : As far as i know, secondary addresse...
hey all,I have at pix 515e that has the implcit any any ip for the inside, with this, I can browse the web no prob. But when I issue the following commands, traffic stops.access-list outbound_traffic permit udp host 10.1.254.16 any eq domainaccess-li...
I'm sure I'm doing something wrong, though it is monday.. (-;I'm trying to allow my Win2K DMZ Host to Sync its time with a Win2K Server on the Inside Interface.If it could also Sync with the PIX, or with an outside source that would be great too.The ...
This is the "Nachi Worm ICMP Echo Request". I have my outside IDS shunning this signature and I can see that the internet router has "Deny" access lists for each alarm. But what is puzzling me is I also have an IDS inside on my server vlan that is re...
In the report generation, one of the alarms has the description SMTP to: bounce. What is the correct signature id for this alarm? I have been unable to find this alarm description in the NSDB. Is it known by a different description in the NSDB? Why c...
I am trying to view the list of signatures that were disabled in the S61 upgrade. The bugid we are given is CSCec88388. I keep getting told that it doesn't find that id. Can someone verify if this is the correct ID or link directly to that bug ple...
Hi Experts. I'm designing a large-scale VPN3k-based hub-and-spoke network (about 400 spokes). For redundancy, I need to use at least 2 VPN3k's in the hub, and I'm going to leverage the load balancing VCA feature. The customer says that communication ...
On Friday the 7th, I did the upgrade of four of our appliance IDS sensors. No problem. Afterwards I did the upgrade on the IDS MC and at the next logon, I did't have any access anymore to IDS MC and Security Monitor :'You are not authorized to reques...
now i am consolidating the network security,but with a question:because defaultly the pix firewall permit any protocol from inside to outside,but with a IDQ exploit i can establish a reverse connection with the inside area server,now i should configu...
I issue 3 commands write erase, then write mem and reload. The pix restarts I configure the firewall and then write mem, and reload. When I display the running configuration it shows some commands I did not execute such as 11 fixup commands(I only ex...
Hi,My PIX 515e is showing the following message in the PDM log:Deny icmp src outside: (ip address) dst inside: (ip address) (type 8, code 0) by access-group 101.Is this normal or should I be worried?Thanks for any replies.Robin.
