Hi David,
Cisco is aware of the problem, and Cisco bug ID CSCdm84708 has been filed.
If you have a Cisco Connection Online account, you can sign up to 'watch'
this bug, to be notified when it is resolved.
Thanks much,
Lisa Napier
Product Security Incident Response Team
Cisco Systems
At 09:00 AM 1/13/2000 +0000, David Calder wrote:
>We have recently installed a Cisco PIX firewall as the front line in our
>firewall setup. It seems to deliver what it promises but we have one
>problem with it.
>
>The PIX will always send echo replys in response to any echo requests
>which hit its external interface and we cannot figure out how to switch
>this off. We have removed the ICMP conduit so no ICMP can go through the
>PIX but people can still ping the PIX external interface.
>
>We have been through the manual many times and even raised it to our ISP
>(who support our kit and supposedly have a deal with cisco) but they have
>came back saying it cannot be done and the only way to stop it is to
>filter out ICMP at the router before the PIX. I know this is a solution
>(/kludge) but I don't understand why it is not possible to configure a
>firewall to stop replying to echo requests!
>
>Any ideas??
>______________________________________________________
>Get Your Private, Free Email at http://www.hotmail.com
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
