Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Recent content by pixen
-
Question for all PIX Guru's :)
Have you tried to clear arp and clear xlate? Any NATing going on? Also, any of these devices Windows 2K with multiple IP addresses on a single interface? If you aren't NATing, you might try "sysopt noproxyarp [interface name]", I've seen where the default proxy arp of PIX sometimes gets...- pixen
- Post #9
- Forum: Security, hacker detection & forensics
-
PIX 515 and Outbound Security
I won't set up a firewall without both inbound and outbound ACLs for all the good reasons already noted. The pain comes up when you have to "lock down" a non-restricted path. The only way I have found reasonable is to setup logging to a syslog server and collect data (at level 6 or 7) on what...- pixen
- Post #9
- Forum: Security, hacker detection & forensics
-
Creating a VPN to another PIX
What has been sent to you is pretty much straight PIX VPN config commands. As long as your end uses the same standards for configuring the tunnel, you should be in good shape. Just make sure that your acl at your end matches theirs (with source/dest flipped) or the tunnel won't come up. To...- pixen
- Post #2
- Forum: Security, hacker detection & forensics
