13 Jun
So you want to connect securely to your PIX firewall? You will need to set up SSH instead of connecting using telnet. Telnet is clear text and SSH is encrypted.
Below are the required commands to run on your PIX:
Hostname "Name"
domain "domain name"
ca generate rsa key 1024
ca save all
ssh 192.168.1.1 255.255.255.255 inside
writ m
The reasons for each […]
Posted in Cisco, Firewalls, Networking, Security by: chris.super
09 Apr
Do you want your workstations to connect to PPTP VPNs through a Cisco PIX firewall without having to set up a static NAT for each one?
Are you getting the following error in your syslogs when you try:
"regular translation creation failed for protocol 47"
All you should have to do is add a new fixup protocol entry.
"fixup […]
Posted in Cisco, Firewalls, Networking, Security, VPN by: chris.super
04 May
Cisco confirms the memory exhaustion vulnerability as per the advisory published by CERT/CC and confirms this vulnerability impacts the PIX and ASA appliance for system software 7.2 only. Exploitation of the vulnerability may lead to a Denial of Service condition against the appliance.
The Firewall Services Module (FWSM) is not affected by this vulnerability.
PSIRT would […]
Posted in Cisco, Firewalls, Networking, Security by: chris.super
03 May
I have been seeing some “Critical Syslog Events” coming through lately from my Cisco FWSM (Firewall Switch Module). The event number is FWSM-2-106017 or if you have a PIX it would be PIX-2-106017.
When you go to Cisco’s site for the explanation this is what they give you:
Error Message %FWSM-2-106017: Deny IP due to Land […]
Posted in Cisco, Firewalls, Networking, Routers, Security, Systems by: chris.super
11 Mar
One of the benefits of having a firewall in your network is the logging of the traffic that passes through it. By default, when you turn on logging, every single connection through the firewall is logged both on setup and teardown. In a high traffic network this can cause huge databases of syslogs and […]
Posted in Cisco, Firewalls, General, Networking by: chris.super
31 Jul
Just wanted to post about controlling services like DNS, FTP, SMTP etc… If you don’t have a firewall and have a Cisco router you can control ports with ACLs. You will need to use an extended ACL so the command will start out with “ip access-list extended” typically with these since it can be […]
Posted in Cisco, Firewalls, Networking, Routers by: chris.super
20 Jul
Here is an update for those people who are looking for an entry level PIX that can still do the job for you. The Cisco PIX 506e is a small/medium business firewall that costs under $1000. It comes with two 10/100 ports and can support up to 25,000 sessions.
One problem I ran into is […]
Posted in Cisco, Firewalls, Networking by: chris.super
16 Jun
Earlier I talked about the importance of running Cisco products on your network. http://blog.super-networking.net/?p=3 I had some questions about sizing and options. Cisco makes a wide variety of products and these products have many models that are sized/priced for different sized businesses. The #1 important product to have with any size business is a firewall […]
Posted in General by: chris.super