Firewall Wizards mailing list archives

RE: Cisco PIX Questions

From: "Melson, Paul" <PMelson () sequoianet com>
Date: Mon, 24 Mar 2003 13:01:39 -0500

With regard to 6.2, it's still not a stable release.  Do you need specific features (i.e. PPPoE or N2H2 url-server) 
that only 6.2 supports?  If not, installing 6.1 may clear up some of your headaches.

I haven't seen the specific problem you describe in #1, but I've had other problems w/ PDM and 6.2.  Also, with regard 
to #3, you may find it difficult to find a log analysis tool that supports 6.2.  The syslog format changed in 6.2, so 
many vendors are still working to add support for the new format to their products.  If you were running 5.x through 
6.1, however, I would recommend WebTrends Firewall Suite or NetSpective.

As far as #2 goes, you have to explicitly block ICMP to the PIX interface(s) you don't want people to ping using the 
'icmp' command.  For example, 'icmp deny any outside' would block ICMP traffic to the outside interface address.  Hope 
that helps!

PaulM

 -----Original Message-----
From:         John Madden <chiwawa999 () yahoo com>@AICNOTES  
Sent: Saturday, March 22, 2003 9:20 PM
To:   firewall-wizards () honor icsalabs com
Subject:      [fw-wiz] Cisco PIX Questions

Hi,

I'm new to this list and I've just inherited a Cisco
PIX 515E at my new job. We're running 6.2(1) with PDM
2.11. Here are my questions:

1- Everytime I remove the PDM Location for all the
unwanted clients, I write it to memory then sh run and
its not there. I will then connect to it the next day
and they show up again. Interesting thing is that with
"sh run" I see about 10-15 different PDM Locations but
if I use PDM to view it I only see the one location I
want .... Any ideas ?

2- I've removed every connetion possible to the Pix
but yet i'm still able to ping it... What i'm I
missing ?

3- What would be your recommendation for a good log
analyser for the Pix logs? Right now i'm using a Kiwi
Syslog server but it's not the greatest to analyze
logs... Any suggestions ?

Sorry for the long e-mail...

John

__________________________________________________
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
http://platinum.yahoo.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Cisco PIX Questions John Madden (Mar 24)
- <Possible follow-ups>
- RE: Cisco PIX Questions Melson, Paul (Mar 24)
- Re: Cisco PIX Questions Mike Hoskins (Mar 24)