But just because your Cisco "tech" guy doesn't know anything about the application-level effects of the Cisco fixup features doesn't mean there's anything wrong or "unreal" about the PIX as a firewall, as long as you eliminate the fixup problem. If neither you nor the tech thought or wondered about turning off fixup, which is very well documented, that's no fault of the product itself (though I can understand the desire for vengeance at a vendor rep who didn't know his stuff).
The PIX is a highly resilient enterprise firewall. Like other products that dabble in application proxying (WatchGuard, etc.), its proxy functions are not as well thought out. -Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] ------------------------------------ --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.