We have recently installed a Cisco PIX firewall as the front line in our
firewall setup. It seems to deliver what it promises but we have one problem
with it.
The PIX will always send echo replys in response to any echo requests which
hit its external interface and we cannot figure out how to switch this off.
We have removed the ICMP conduit so no ICMP can go through the PIX but
people can still ping the PIX external interface.
We have been through the manual many times and even raised it to our ISP
(who support our kit and supposedly have a deal with cisco) but they have
came back saying it cannot be done and the only way to stop it is to filter
out ICMP at the router before the PIX. I know this is a solution (/kludge)
but I don't understand why it is not possible to configure a firewall to
stop replying to echo requests!
Any ideas??
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
