PIX - Flood Defender

Discussion in 'Cisco' started by grzybek, Feb 23, 2004.

  1. grzybek

    grzybek Guest

    Hi,

    Who knows specification how Floodguard on PIX considers
    packets as attack and drops this packets ?
    I suspect that one Web application working through PIX in our
    network base on java is wrong implemented and sometimes if
    server is busy or something like that server doesn't reply ACK
    and client repeats several SYN packets. In this way this application
    very often is disconnected. If I test omitting PIX aplication works good.

    Thanks for any help.

    Regards,
    grzybek
     
    grzybek, Feb 23, 2004
    #1
    1. Advertisements

  2. Depends.
    Normally it is off by default, and you have to configure the internal IDS
    function first.
    Do this and the log will tell you what goes on.

    fx:

    ip audit name OUTSIDE1 attack action alarm
    ip audit interface outside OUTSIDE1
    ip audit info action alarm
    ip audit attack action alarm

    HTH
    Martin Bilgrav
     
    Martin Bilgrav, Feb 23, 2004
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.