Other Security Subjects

Ok, I'm using a DMZ on a pix 515E to go down to a pair of servers running Timbuktu (I'd never heard of it previously either) This little baby uses UDP407 for handshaking then TCP ports 1417 through 1420 for other tasks. On top of that it also runs dy...

we have a PIX515E with 6.2.2 the problem is that when we config the firewall to forward multicasts all is ok but if we power the pix off then on, even though the multicast commands are still in the config it will not fwd multicasts until commands are...

I am testing VMS 2.1. Event Viewer under Security Monitor just told me that blocking was only supported in 3.0 sensors. So is there no shun support with a 4.0 sensor?

Hi,I want to do the following:Configure pat for my internal network and also configure pat for connections originating for the outside to the inside.So I want to hide outgoing connection behind an IP address in the range of the outside interface of t...

Hi,Can anyone tell me how to manage the problem with burgeoning log file size with Kiwi Syslog, without further restricting the traffic that I log. I run into half a gig every week.RegardsC P

A Netscreen sales rep told me once that the PIX is just a dumb PC because it doesn't have an ASIC chip. Does anyone have a snappy comeback for this arguement? Has Cisco considered moving to an ASIC design?

Inside interface on pix has a default security level set - 100. My pix shows on inside interface level 99 and I am not able to set it to 100.Any idea how to change it to 100?Thanx a lot .

I'm going to answer to an RFP with a PIX-525 FW. One of the customer questions (for which I don't have the answer) is regarding the total number of connection per second. I have the total nb of concurrent connections which is 280,000 and the nb of si...

the debug below says the pre-shared keys don't match. i believe they do. my group is vpnuser and key is cisco123 on the vpn client and on the router they are also the same. suggestions?2d09h: ISAKMP (0:9): Checking ISAKMP transform 8 against priority...

Can someone please tell me what the IP Inspect commands accomplish that cant be done with access liststhanks

In the MC for IDS signature config screen, I see you can now block by host or connection. The help screens do not elaborate on the difference. Muchas gracias to anyone who can explain the difference. Thanks.

Hello,The VMS email notification stops working after a few hours of updating the signatures from version S44 to S46. I'm not sure if there is a correlation between those 2 events. I've tried to tweak a few things like sending a test email from "bla...

If I have a switch (3500, 4000, or 6000) with ports configured with voice VLANs and have phone connected, is there any way to absolutely ensure that nothing except the phone is able to send traffic on the voice VLAN?MAC address-based security would n...