06-03-2001 09:18 AM - edited 02-20-2020 09:48 PM
I've configured my PIX to allow H.323 traffic. After read the reference from Netmeeting, I understanded that I have to allow secondary dynamic TCP port traffic after H.323 port is connected so I used "Establish" command to do so. Then I found the netmeeting parnter can connect to my defined dynamic port ranges besides the basic secondary port.
How can I stop this potential security hole?
06-07-2001 12:28 PM
What version of PIX are you using? I think there was a bug on that on older PIX code.
06-07-2001 06:28 PM
Current my PIX is 5.2(3). Can I directly upgrade to 6.0 so that the prossible security hole can be stopped?
06-08-2001 11:31 AM
I thought 5.2 had that fix. You might just need to have Ciscos tac look at your configuration. Its not a good idea to try to do a code jump like that. You always need to upgrade 5.2.x to 5.3.x then 6.0 etc so the upgrade parser can handle any command syntax changes. If not, you could loose important configuration lines. ( I would first go to 5.2(5) and test it from there. Theres usually no good reason to be on the very latest PIX code.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: