Educause Security Discussion mailing list archives
Re: Pix install
From: George Russ <george.russ () CITADEL EDU>
Date: Thu, 10 Mar 2005 12:13:24 -0500
John, The easiest way would be to use a sniffer at points along path(student to Pix) to detect where the packets are being dropped(disappearing) Otherwise eliminate the ACLs(access lists) on the respective interfaces along the path. Be sure to do this in a timely manner so as not to subject your network to the unwanted packets the ACLs were intended to relieve it of. George --------------------------------------------------------------- George Russ ITS/Network Support Services The Citadel Charleston SC 29409 --------------------------------------------------------------- _____ From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of John Sent: Thursday, March 10, 2005 11:33 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Pix install George, Thank you very much for responding to my request for assistance. Do you mean acls on the Pix or all on routers between student taking the test and the Pix? Currently the only acls on the Pix are blocking ports 135-139 and 1433.. Next step will be to tighten the Pix down. Any other ideas are much appreciated. Cheers, John _____ From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of George Russ Sent: Thursday, March 10, 2005 10:02 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Pix install John, Try removing your access list on the relevant interfaces one at a time while testing Accuplace. When it succeeds you will have at least found the list responsible. The rest is process of elimination. Check your "fixup protocol" settings as Accuplace may not agree with some. I am not familiar with the product so I cannot say for sure. --------------------------------------------------------------- George Russ Network Support Services The Citadel Charleston SC 29409 -------------------------------------------------------------- _____ From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of John Sent: Thursday, March 10, 2005 10:22 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Pix install Greetings All, We have recently installed a new Pix 525 on a network edge. We are having issues with some connections dropping. In particular Accuplace web tests seem to be dropping off. The Pix Devcie manager is logging a traffic drop for inbound and outbound traffic on both the inside and outside interfaces about every four minutes. I am unsure if these events are correlated or not and am roubleshooting. Should anyone have a clue as to where to look I am very appreciative. I am poking at Pix, routers and DNS issues and am opening a case with Crisco TAC. Cheers, John Garner jgarner () sfasu edu ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Pix install John (Mar 10)
- <Possible follow-ups>
- Re: Pix install George Russ (Mar 10)
- Re: Pix install Aaron Childs (Mar 10)
- Re: Pix install John (Mar 10)
- Re: Pix install Arturo Servin (Mar 10)
- Re: Pix install George Russ (Mar 10)
- Re: Pix install James M. Driskell (Mar 10)
- Re: Pix install Eric Pancer (Mar 10)