Hi to all,
I have this scenario: I have a PIX firewall and in one DMZ I have my servers. I have allowed only HTTPS access to one of them from the outside interface, but if I telnet to the server on any port, the firewall gives the impression that it is open.
For example, if from an MS-DOS command line I try a telnet to the server on port 1200, which is not allowed by the firewall and is also closed on the server, the MS-DOS window goes "black", which means that the port is open, but as soon as I press a key the MS-DOS window closes, so it means that the connection was not established, which is correct, but it gave the impression that it was established.
Do you have any ideas about what could be causing this?
Thanks in advance.
This is normal - the PIX will just "drop" the packets silently, without sending a "reset" to the remote end indicating there was any kind of connection - basically the firewall is giving the impression of a blackhole.
If you change the TCP settings to send a reset back, you are announcing there is something there, which is not always the best approach.