[fw-wiz] pix firewall - failover and logging issues

From: Luciano Z (user_luciano@yahoo.com.br)
Date: 01/28/03

From: Luciano Z <user_luciano@yahoo.com.br>
To: firewall-wizards@honor.icsalabs.com
Date: Tue Jan 28 13:41:02 2003


I have two questions about pix firewall for the list.

The first one is directed to failover users. I┤m using
a pix with version 6.1(1) software and with stateful
failover (I think this version needs update, right?).
From time to time I experiment lost of ssh connection
to the active pix because it have changed from active
state to standby state. I couldn┤t find the reason for
this because we just checked the cables and it was
operating well before I create another subnet attached
to this firewall, changing the address of and unused

In this situation I┤m not using LAN based failover
(this version doesn┤t support it) so the I have the
serial cable in place. Someone had some problem that
looks like my? Is it possible to start looging to the
syslog server just the messages related to failover

Second question, this is about logging of URL access.
I┤ve read the pix could log the URLs accessed by the
users on a protected network. My question is about the
performace impact of this feature. Anybody used this?
What was the impression about it? And again: Is it
possible to log just the events related to this?

Well, thanks for your time!


Busca Yahoo!
O servišo de busca mais completo da Internet. O que vocŕ pensar o Yahoo! encontra.