Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Pix 6.2 - sysopt route dnat

Hi,

I cannot find this command sysopt route dnat in Pix 7.1. Any idea is this command deprecated or enable by default.

Are there any new commands that should be considered for hardening of Cisco PIX firewalls?

1 REPLY
New Member

Re: Pix 6.2 - sysopt route dnat

It was depreciated and long ago:

" ..The following commands are no longer used to configure the firewall: sysopt route dnat, sysopt security fragguard, fragguard, and session enable.

The sysopt route dnat command is ignored, starting in PIX Firewall software Version 6.2. Instead, overlapping configurations (network addresses and routes) are automatically handled by outside NAT. .."

from Cisco PIX Firewall Command Reference, Version 6.3

http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/intro.html

Regarding the second question - hardening against what ?

More info would help.

443
Views
0
Helpful
1
Replies
CreatePlease login to create content