Hi all: Is that IPsec router communicate with CA server only using tcp port 80 ? if there is a pix between them, is there any other port i need to open in the pix ? Can sb give me a sample? Thanks
Hi all: Should we configure some Qos feature in a low speed serial link to prioritize the ospf routing packet in a low speed FR link in case of under DDOS attack. If could , how could we do the configure ? Thanks
Hi all: If i want to make router only forwarding packet which is in its routing table and drop packet which is maybe spoofing? Can i config router to do this?How can i do that? Can Unicast RPF do that? Should i both filtering private address an...
hi All: Can sb give me a example to permit Ident using established command? Is that command will conflict with the access-list configured before and will make a security hole? I just want to permit ident in my pix to fix the mail server problem. Th...
Thanks Steven: Is that the ident is intiated by the server ? If that is the server initiate the ident and destination port is 113 to the host. That may be the problem. I may config to permit the wrong port because i though it was client to initiat...
Thanks, Some time the attack is go though another service provider and it has valid routing and not a private address. They just continue to change their source address and it is all valid address. In this cast the unicast RPF and ACL may not help...
thanks, Is that till now what we can do are only "unicast rpf" and" filter private address". How about if the address is real and is in the router's routing table xh
