Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi, I have a simple question here, regarding the static nat, suppose that webserver is 192.168.1.2 and public ip 200.200.200.202static (inside,ouside) 200.200.200.202 192.168.1.2 netmask 255.255.255.255and there is no access-list to permit inbound tc...
Hi,Currently i'm having trouble with this type of thing, my customer complaint that the PIX doesn't stop the threat, they have set emb_limit, max_conn, ip verify. And also when show ip audit count, large icmp is very high, is this a good news because...
Hi there,What is the recommended value for the max_con & emb_limitfor example (web server)static (inside,outside) 211.211.211.2 192.168.1.2 netmask 255.255.255.255 0 0i set to 80 30, still the webserver cannot be access with tcp syn flood continuousl...
Hi,Ok like this, i want to deny network 192.168.1.0/24 send an email using port 25 (smtp) and want to allow only 192.168.1.2 to send email. Below config not working, it deny all tcp 25,access-list outbound deny tcp 192.168.1.0 255.255.255.0 any eq 25...
for the 3rd acl, if not specify access-list inbound permit ip any any , can other traffic that we permitted pass through? public ip 200.200.200.202 is for web server only, no other services allowed. actually, there are 12 web servers here, 1 mail ser...
ok thanks, please confirm whether the following config is secureaccess-list inbound permit tcp any host eq 80access-list inbound deny ip any anyaccess-list inbound permit ip any anyanother question is, are there any impact if we apply permit ip any a...
Ohhh man... i find thishttp://www.securiteam.com/securitynews/5AP032AI0A.htmland its related to thishttp://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.htmland how do i download the software 6.3(5.106). bec...
Man.. why a lot of collisions & deferred on pix outside interface, is this normal?pix# sh intinterface ethernet0 "outside" is up, line protocol is up Hardware is i82559 ethernet, address is xxxx.xxxx.xxxx IP address x.x.x.150, subnet mask 255.255.255...
