re: [fw-wiz] 7.0 Pix software capabilities

• Previous message: Julian M D: "Re: [fw-wiz] scanning..."
• Maybe in reply to: James Wyant: "[fw-wiz] 7.0 Pix software capabilities"
• Next in thread: Paul Melson: "RE: [fw-wiz] 7.0 Pix software capabilities"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "James Wyant" <jwyant@skylight.com>
Date: Thu, 3 Nov 2005 07:00:50 -0500

James,
 
I may not be reading this properly, but the MAC/hardware addresses
do not traverse routers or firewalls. The MAC address that you will see
is the device that delivers the packet to you. It sounds like your internal
network uses 802.1x to authenticate, before allowing access to the
network(switch port.)
 
As for authenticating users from the public side, you should try RADIUS
or use the Cisco VPN client software.
 
Robert

________________________________

From: firewall-wizards-admin@honor.icsalabs.com on behalf of James Wyant
Sent: Wed 11/2/2005 2:28 PM
To: Alan Holmes; Vahid Pazirandeh; firewall-wizards@honor.icsalabs.com
 
All,

Does anyone know if software version 7.0 has the ability to transfer the
mac address of a device on the outside interface to the inside secure
interface without altering it.

I have a need to put a pix between a public wireless network and my
network gateway which requires the mac address of the user to determine
if they are new member trying to attach to the gateway.

Those of you who travel can think of how such a system word work in a
hotel environment.

J.

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Julian M D: "Re: [fw-wiz] scanning..."
• Maybe in reply to: James Wyant: "[fw-wiz] 7.0 Pix software capabilities"
• Next in thread: Paul Melson: "RE: [fw-wiz] 7.0 Pix software capabilities"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: 99.9 % of Software/Hardware Firewalls DO-NOT..... ... If you're saying that MAC address ... > Internet, because MAC ADDRESSES ARE A LAN issue, not a WAN issue. ... > "Most firewalls do not come preconfigured to block Private Addresses, ... > "...gain entry via DNS UDP, or worse yet, DNS TCP for Zone Transfers"? ... (comp.security.firewalls) Re: Mac not connecting to my Vista PC ... ensures that i'm using smb not afp...I read about having the same user ... and about configuring the firewalls, i'm not quite sure as to how to go ... windows sharing is enabled in the mac, ... able to access my mac from the pc, although it might be blocking only ... (microsoft.public.windows.vista.networking_sharing) Re: 99.9 % of Software/Hardware Firewalls DO-NOT..... ... If you're saying that MAC address ... Internet, because MAC ADDRESSES ARE A LAN issue, not a WAN issue. ... "Most firewalls do not come preconfigured to block Private Addresses, ... "...gain entry via DNS UDP, or worse yet, DNS TCP for Zone Transfers"? ... (comp.security.firewalls) Re: 99.9 % of Software/Hardware Firewalls DO-NOT..... ... The only way your really going to get someone's mac address, ... > Internet, because MAC ADDRESSES ARE A LAN issue, not a WAN issue. ... > "Most firewalls do not come preconfigured to block Private Addresses, ... > "...gain entry via DNS UDP, or worse yet, DNS TCP for Zone Transfers"? ... (comp.security.firewalls) Re: Recommendations for anti-virus and firewall for Apple Mac ... Apple Mac running MacOS 10? ... firewall is enabled on a given connection or how to enable it if it wasn't. ... When I looked in Internet Connections (purple circular icon on pop-up ... I couldn't see anything there about firewalls. ... (uk.comp.sys.mac)