Re: PIX software release 5.2

[Jian Zhen <jlz () synlab com>]

PIX 5.2.1 has a huge SSH bug in that if you are using failover, it will
erase the ssh key on the secondary. eventually if the pix fails over and
the new active (was secondary) syncs the new standby (was primary), it 
will erase the primary's ssh key also.

so careful when u use 5.2.1

Carson Gaspar (carson () tla org) [000919 17:43]:
> --On Monday, September 18, 2000 10:54 AM -0500 shewitt () cdw com wrote:
>
> > Anybody have any good / bad experiences with PIX 5.2(1)?
>
> It's working fine for me, so far. But it's a very small install, and we 
> don't use WebSense. 5.2(1) adds SSH support (finally!), so that's a good 
> reson to upgrade. Of course, you have to have a VPN license to use it 
> (wonderful Cisco...). You can get a free 56-bit DES VPN license from Cisco, 
> but have to pay for the 3-DES license. Oh, and you can only install the new 
> license by re-loading the firmare on the PIX. Oh, and SSH-DES doesn't work 
> with Tatu's unix SSH-1 client (it does with SecureCRT, so I suspect the 
> unix code to be at fault, but...). And OpenSSH doesn't support DES.
>
> But I'm not bitter. Really! :)
>
> -- 
> Carson Gaspar -- carson () tla org
> Queen Trapped in a Butch Body
>
>
> _______________________________________________
> Firewall-wizards mailing list
> Firewall-wizards () nfr net
> http://www.nfr.net/mailman/listinfo/firewall-wizards

-- 
Jian L. Zhen
<jlz () synlab com>
wasaaaaaaaaaaaaaaaaaaaaaabi

_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards