Well, I've looked there, at the CCO, and the documentation I've found is
'ok'.
By 'ok' I mean that you *can* successfully set up the PIX from those docs.
The PIX, however, isn't there for just NAT, it's there to help secure your
network. To that end there seems, to me, to be very little in the way of
code snippets for, say, preventing a simple smurf, or for dropping IP
packets where the source isn't from your address range. Things that CERT
talks about, but how do you *do* that on your firewall?
In fact, some current 'how tos' at the Cisco PIX site still talk about the
'outbound' command; something even IOS 5.1 (5.3 is current) indicates has
been superseded by the 'access-list' command. Check out this outdated
'help' yourselves:
"Question: How do you configure outbound access lists on the PIX box?
http://www-1.cisco.com/cgi-bin/Support/OpenForum/dispnewqa.pl/3753 "
While it's sometimes nice to have archival information for past IOS
versions, clearly this information is less-than-useful to current PIX IOS
users. Unless, as many, I'm lost in the vastness of CCO-land, which,
admittedly, is possible.
So, it's nice that somebody passed the exam. It would also be nice to find
a resource for the PIX. I'm still struggling, but making headway.
Best, G.
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
