Fei Yang wrote:
>
> Hello all,
>
> When I use Microsoft NetMeeting though my Cisco PIX firewall, I
> found the following records in my Syslog:
>
> 106012: Deny IP from x.x.x.x to y.y.y.y, IP options: "0x14"
> 106012: Deny IP from x.x.x.x to y.y.y.y, IP options: "0x14"
Isn't this just RSVP packets with "router alert" options?
Unless you know that the routers between you and the host
at the other end actually listen to and honor RSVP requests,
and unless you actually need it (netmeeting functions just
fine anyway, right?), I'd recommend that you _don't_ attempt
to pass these packets through your firewall.
But then again, I don't recommend running netmeeting from
anything else then a specificly designated sacrificial
host in a separated security zone either.
/The Grumpy One
--
Mikael Olsson, Clavister AB
Storgatan 12, Box 393, SE-891 28 �RNSK�LDSVIK, Sweden
Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05
Fax: +46 (0)660 122 50 WWW: http://www.clavister.com
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
For Account Management (unsubscribe, get/change password, etc) Please go to:
http://lists.gnac.net/mailman/listinfo/firewalls
