Does the PIX command 'sysopt connection permit-ipsec' leave my system more vunerable to virus/dos attacks ?
If so how bad is this ?
regards
Andy Greaves
In fact by using this command the inbound IPSec traffic bypasses all access-list or conduit.I didn't hear about any vulnerabilities but you can specify precisely your IPSec traffic for high security purpose so you should explicitly define ACL or counduit and then add them to outside interface access group.