Has anyone had any experience with the RVS4000 and gettting them to be PCI compliant? I have several RVS4000's in place for credit card terminals. When the port scan is run everything passes but the test for UDP probes with a source port of 53 vs some other random port to specific ports on the RVS4000's end. Here is an example. UDP probe source port 53 to target port 111, result: 111 UDP closed. UDP probe source port 53566 to target port 111, result: 111 UDP open|filtered. This occurs with an ACL rule set to DENY all UDP traffic from ANY source. This rule is priority 1. Firmware is 1.3.1. I am assuming that there are other firewall rules for the DNS (port 53) that are "hidden" that are overriding my ACL rules. If anyone has any ideas about how to get around this, please let me know.
** After reading a thread regarding DNS and the IPS features, I tried disabling the IPS features. With IPS disabled, I ran the scan a few more times. This time it responded 111 UPD closed when probed from 53566. HOWEVER after a power cycle of the RVS4000 it responded 111 UDP open|filtered again. I tried to replicate the results, and I could but, it does not consistently do this.
Message was edited by: [email protected]