RE: [fw-wiz] Cisco PIX Questions

From: Melson, Paul (PMelson@sequoianet.com)
Date: 03/24/03

    From: "Melson, Paul" <PMelson@sequoianet.com>
    To: "John Madden <chiwawa999@yahoo.com>@AICNOTES" <IMCEANOTES-John+20Madden+20+3Cchiwawa999+40yahoo+2Ecom+3E+40AICNOTES@sequoianet.com>, <firewall-wizards@honor.icsalabs.com>
    Date: Mon, 24 Mar 2003 13:01:39 -0500
    

    With regard to 6.2, it's still not a stable release. Do you need specific features (i.e. PPPoE or N2H2 url-server) that only 6.2 supports? If not, installing 6.1 may clear up some of your headaches.

    I haven't seen the specific problem you describe in #1, but I've had other problems w/ PDM and 6.2. Also, with regard to #3, you may find it difficult to find a log analysis tool that supports 6.2. The syslog format changed in 6.2, so many vendors are still working to add support for the new format to their products. If you were running 5.x through 6.1, however, I would recommend WebTrends Firewall Suite or NetSpective.

    As far as #2 goes, you have to explicitly block ICMP to the PIX interface(s) you don't want people to ping using the 'icmp' command. For example, 'icmp deny any outside' would block ICMP traffic to the outside interface address. Hope that helps!

    PaulM

    > -----Original Message-----
    > From: John Madden <chiwawa999@yahoo.com>@AICNOTES
    > Sent: Saturday, March 22, 2003 9:20 PM
    > To: firewall-wizards@honor.icsalabs.com
    > Subject: [fw-wiz] Cisco PIX Questions
    >
    >
    > Hi,
    >
    > I'm new to this list and I've just inherited a Cisco
    > PIX 515E at my new job. We're running 6.2(1) with PDM
    > 2.11. Here are my questions:
    >
    > 1- Every time I remove the PDM Location for all the
    > unwanted clients, I write it to memory then sh run and
    > it's not there. I will then connect to it the next day
    > and they show up again. Interesting thing is that with
    > "sh run" I see about 10-15 different PDM Locations but
    > if I use PDM to view it I only see the one location I
    > want .... Any ideas ?
    >
    > 2- I've removed every connection possible to the Pix
    > but yet I'm still able to ping it... What am I
    > missing ?
    >
    > 3- What would be your recommendation for a good log
    > analyser for the Pix logs? Right now I'm using a Kiwi
    > Syslog server but it's not the greatest to analyze
    > logs... Any suggestions ?
    >
    > Sorry for the long e-mail...
    >
    > John
    >
    > _______________________________________________
    > firewall-wizards mailing list
    > firewall-wizards@honor.icsalabs.com
    > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
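Paul's answer to question #2 is that the PIX answers ICMP sent to its own interface addresses unless the `icmp` command restricts it. The script below is an added example, not something from the post or from Cisco: it reads a PIX 6.x running-config, lists the interfaces declared with `nameif`, and evaluates the per-interface `icmp` statements the way the 6.x command reference describes them (no statements on an interface means all ICMP to that interface is accepted; once any statement exists the list is first-match with an implicit deny at the end). The config fragment and the probe address are constructed; the `audit()` function and its output shape are my own.

```python
"""Audit the per-interface ICMP policy in a PIX 6.x running-config.

Added example, not from the mailing-list post. SAMPLE_CONFIG is a constructed
fragment; the `nameif` and `icmp` line syntax follows the PIX 6.x command
reference, and the evaluation assumes its documented semantics (see lead-in).
"""
import ipaddress
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample: 'outside' follows Paul's advice (deny everything except
# replies/unreachables), 'inside' allows echo from one host, 'dmz' has no list.
SAMPLE_CONFIG = """\
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security50
icmp permit host 10.0.0.5 echo inside
icmp permit any echo-reply outside
icmp permit any unreachable outside
icmp deny any outside
"""

NAMEIF_RE = re.compile(r"^nameif\s+\S+\s+(?P<name>\S+)\s+security\d+$")
# icmp {permit|deny} {any | host A.B.C.D | A.B.C.D MASK} [icmp-type] if_name
ICMP_RE = re.compile(
    r"^icmp\s+(?P<action>permit|deny)\s+"
    r"(?P<src>any|host\s+\S+|\S+\s+\S+)"
    r"(?:\s+(?P<type>[a-z-]+))?\s+(?P<iface>\S+)$"
)


@dataclass
class IcmpRule:
    action: str
    network: Optional[ipaddress.IPv4Network]  # None means "any" source
    icmp_type: Optional[str]                  # None means any ICMP type
    iface: str


def _parse_src(src: str) -> Optional[ipaddress.IPv4Network]:
    """Turn the source field of an icmp statement into a network (None = any)."""
    if src == "any":
        return None
    parts = src.split()
    if parts[0] == "host":
        return ipaddress.ip_network(f"{parts[1]}/32")
    return ipaddress.ip_network(f"{parts[0]}/{parts[1]}", strict=False)


def parse_interfaces(config: str) -> List[str]:
    names = []
    for line in config.splitlines():
        m = NAMEIF_RE.match(line.strip())
        if m:
            names.append(m.group("name"))
    return names


def parse_icmp_rules(config: str) -> List[IcmpRule]:
    rules = []
    for line in config.splitlines():
        m = ICMP_RE.match(line.strip())
        if m:
            rules.append(IcmpRule(m.group("action"), _parse_src(m.group("src")),
                                  m.group("type"), m.group("iface")))
    return rules


def icmp_allowed(rules: List[IcmpRule], iface: str, src_ip: str, icmp_type: str) -> bool:
    """First-match evaluation of one probe against the list for one interface."""
    iface_rules = [r for r in rules if r.iface == iface]
    if not iface_rules:
        return True  # no list configured: the PIX accepts all ICMP to that interface
    src = ipaddress.ip_address(src_ip)
    for r in iface_rules:
        if r.network is not None and src not in r.network:
            continue
        if r.icmp_type is not None and r.icmp_type != icmp_type:
            continue
        return r.action == "permit"
    return False  # implicit deny at the end of a configured list


def interfaces_without_icmp_list(config: str) -> List[str]:
    """Interfaces that still answer every ICMP type from every source."""
    listed = {r.iface for r in parse_icmp_rules(config)}
    return [i for i in parse_interfaces(config) if i not in listed]


def audit(config: str, probe_src: str = "198.51.100.7") -> Dict[str, Dict[str, object]]:
    """Per interface: how many icmp statements exist and whether an echo from
    probe_src (a constructed, arbitrary address) would be answered."""
    rules = parse_icmp_rules(config)
    return {
        iface: {
            "rules": sum(1 for r in rules if r.iface == iface),
            "echo_allowed": icmp_allowed(rules, iface, probe_src, "echo"),
        }
        for iface in parse_interfaces(config)
    }


if __name__ == "__main__":
    for iface, result in audit(SAMPLE_CONFIG).items():
        print(f"{iface:8s} rules={result['rules']} echo_allowed={result['echo_allowed']}")
```

Feed it the output of `show running-config` to see which interfaces have no `icmp` list at all; that is the situation John describes, where no connection through the box is permitted yet the box itself still answers pings.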

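On question #3, Paul notes that the syslog format changed in 6.2 and that log analysis vendors were still catching up. The following added example (not from the post, and not any vendor's code) shows what such a tool has to do: normalize the pre-6.2 "Built ... connection ... faddr/gaddr/laddr" message and the 6.2 "interface:addr/port (mapped/port)" message into one record so that reports do not depend on which PIX release wrote the line. The sample log lines are constructed approximations of the 302001 and 302013/302015 message text; hosts, ports and connection ids are made up.

```python
"""Normalize PIX connection-built syslog lines across the 6.1 and 6.2 formats.

Added example, not from the mailing-list post. SAMPLE_LOGS are constructed
approximations of the PIX 302001 (pre-6.2) and 302013/302015 (6.2) messages.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

SAMPLE_LOGS = [
    # pre-6.2 style: foreign / global (NAT) / local addresses named explicitly
    "%PIX-6-302001: Built outbound TCP connection 4382 for faddr 192.0.2.10/80 "
    "gaddr 203.0.113.5/1025 laddr 10.0.0.12/1025",
    # 6.2 style: interface:real/port (mapped/port) on each side; same connection
    "%PIX-6-302013: Built outbound TCP connection 4382 for outside:192.0.2.10/80 "
    "(192.0.2.10/80) to inside:10.0.0.12/1025 (203.0.113.5/1025)",
    "%PIX-6-302013: Built inbound TCP connection 9901 for outside:198.51.100.7/51234 "
    "(198.51.100.7/51234) to dmz:10.1.1.20/25 (203.0.113.9/25)",
    # an unrelated message id, to show the parser skipping what it does not handle
    "%PIX-4-106023: Deny tcp src outside:198.51.100.7/4444 dst inside:10.0.0.12/445 "
    "by access-group \"outside_in\"",
]


@dataclass
class ConnEvent:
    direction: str
    proto: str
    conn_id: int
    faddr: str   # foreign (far-end) real address
    fport: int
    laddr: str   # local real address
    lport: int
    gaddr: str   # global (translated) address the local host appears as
    gport: int
    # Interface names exist only in the 6.2 format, so they are excluded from
    # equality: a 6.1 line and a 6.2 line for the same connection compare equal.
    fif: Optional[str] = field(default=None, compare=False)
    lif: Optional[str] = field(default=None, compare=False)


OLD_FMT = re.compile(
    r"%PIX-\d-302001: Built (?P<dir>inbound|outbound) (?P<proto>TCP|UDP) connection "
    r"(?P<id>\d+) for faddr (?P<faddr>[\d.]+)/(?P<fport>\d+) "
    r"gaddr (?P<gaddr>[\d.]+)/(?P<gport>\d+) laddr (?P<laddr>[\d.]+)/(?P<lport>\d+)"
)
NEW_FMT = re.compile(
    r"%PIX-\d-3020(?:13|15): Built (?P<dir>inbound|outbound) (?P<proto>TCP|UDP) connection "
    r"(?P<id>\d+) for (?P<fif>\w+):(?P<faddr>[\d.]+)/(?P<fport>\d+) \([\d.]+/\d+\) "
    r"to (?P<lif>\w+):(?P<laddr>[\d.]+)/(?P<lport>\d+) \((?P<gaddr>[\d.]+)/(?P<gport>\d+)\)"
)


def parse_line(line: str) -> Optional[ConnEvent]:
    """Return a normalized ConnEvent for either format, or None if unrecognised."""
    m = OLD_FMT.search(line) or NEW_FMT.search(line)
    if not m:
        return None
    g = m.groupdict()
    return ConnEvent(
        direction=g["dir"], proto=g["proto"], conn_id=int(g["id"]),
        faddr=g["faddr"], fport=int(g["fport"]),
        laddr=g["laddr"], lport=int(g["lport"]),
        gaddr=g["gaddr"], gport=int(g["gport"]),
        fif=g.get("fif"), lif=g.get("lif"),
    )


def parse_all(lines: List[str]) -> Tuple[List[ConnEvent], int]:
    """Parse every line; return the events plus a count of lines left unparsed,
    so a gap in format coverage is visible instead of silently dropped."""
    events, unparsed = [], 0
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            unparsed += 1
        else:
            events.append(ev)
    return events, unparsed


if __name__ == "__main__":
    evs, skipped = parse_all(SAMPLE_LOGS)
    for ev in evs:
        print(f"{ev.direction:8s} {ev.proto} id={ev.conn_id} "
              f"{ev.laddr}:{ev.lport} (as {ev.gaddr}:{ev.gport}) <-> {ev.faddr}:{ev.fport}")
    print(f"unparsed lines: {skipped}")
```

The unparsed counter is the part worth keeping in any real collector: when a firmware upgrade changes the message text, the first sign is usually that the "unknown" bucket starts growing, not that a report looks wrong.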
