You should never have to do a reload. That reboots the PIX. write mem is what puts the changes into use. I can't think of any commands off hand that are implemented immediately like your router example.
One caveat I can think of is when you assign a static NAT to an internal IP and then change to either PAT or a different external IP, you have to clear xlate. Everything will work but the box you made the change on, will not have traffic passed until you clear the original xlate. FYI, clear xlate breaks all connections. Jason Lewis http://www.packetnexus.com It's not secure "Because they told me it was secure". The people at the other end of the link know less about security than you do. And that's scary. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Harry Whitehouse Sent: Wednesday, December 12, 2001 3:02 PM To: [EMAIL PROTECTED] Subject: PIX: When do config changes take effect? Hello All! When I make a config change to my PIX 520, I do a "write mem" and "reload". I know that sequence of commands will always cause the new config to take effect. But I recently configured an ARP statement in a Cisco router and was surprised to find that config changes could be made "on the fly" without rebooting the router. So I'm wondering if the same might be true for the PIX. I'm having to tweak some routing statements on the PIX and every time I do I've been "reload'ing" which interrupts our production traffic for a 10-15 second interval. I'm wondering now if just the "write mem" would suffice to implement the config change. Can someone enlighten me on this? TIA Harry _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
