Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,I noticed a huge amount of connections shown by our PIX (running 6.3(3)). They are all connections apparently due to DNS traffic. From "show conf":UDP out 65.110.41.70:53 in 158.64.1.14:2656 idle 0:00:05 flags -(several thousands)158.64.1.14 is...
Hello,I have a (possibly) unusual question: I would like to establish an IPsec tunnel (on a PIX), with a certain policy (e.g. tunnel all traffic from 10.1.0.0 to 10.2.0.0). However, no everything from one net to the other is allowed. Is there a way t...
Hi,Is it possible to log the output produced by "debug" commands to syslog? I do succeed in sending debug level information (%PIX-6-*) to the syslog, but what I would really need is low level output. (e.g. for a "debug fixup tcp" I want the "tcpseq: ...
Hello all,I have an issue with a PIX and fast passive FTP connection sending multiple files. The source of the "problem" is the following: when receiving requests for 2 or more STORs quickly one after the other, my FTP Daemon (wu-ftpd) proposes the ...
Thanks Scott, that looks pretty much like it. And no reason to be sorry: only if it was not fixed you should be :).One (only slightly related) question: are the latest builds available on CCO or do I have to open a case? (I have access to the softwar...
Hello Mike,I must apologize: it actually was my config. The packets were allowed by an earlier rule than the one I was watching, and so I missed the point.I'm glad though that it is now clear to me that one packet goes twice through the same acl... i...
Hello Mike,I do have an acl on the ingress interface, but it does not show any matches on my traffic (which passes). Besided I'm wondering if that is possible at all: the acl on the outside interface is already passed by the encapsulated traffic. So ...
I'n not sure I'm getting your point. Nothing happens: the client switches to active and no transfer at all is possible (not even a first file). But that's the expected behaviour.The ftp _seems_ to work as it should, unless there is some RFC that forb...
