Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
The old DNS RFC stated that any DNS reply over 512 would be truncated to 512, sent as UDP with a kind of "If you want to know more, ask again in TCP". You would then query in TCP for the full record.The new DNS spec allows packets over 512 to be sen...
Eric,We saw that problem with external sites using AKADNS. They return dns queries that are over 512 bytes using UDP.With the fixup set to 512, any responses over 512 and using UDP will be dropped.We set our fixup to 1024 to remedy this problem.Chris
Just a quick suggestion. Why don't you open a connection to the failover ip address inside? When you connect to that address you are actually talking the the standby PIX. Couldn't you tftp the pdm image up image up to the standby PIX that way?I co...
Access lists are checked in the order the statements were added. You can't just add a line. Try a show running-config. Highlight the access list. Copy it to the clipboard. Paste it into a notepad type application. Arrange the lines in the acces...
Conduits are, in fact, inbound. There is an outbound command, which, when used with apply, works like an outbound access-list.Conduits and outbound are the older way to do it. It still works fine, but if you are comfortable with ACLs, and your PIX ...
