
Handling Broadcast traffic.

mhofman
Level 1

I'm having a bad pix day and am hoping someone can help.

I want to drop all broadcast traffic that hits the pix, especially udp 137-138.

How are people handling this?

The msg denying the traffic is from the internal interface to the internal interface.

Mark

4 Replies

nsteup
Level 1

Mark,

the broadcasts reach the pix anyway because your PCs, laptops or servers are directly connected to the pix - and your network needs them. Put your firewall behind a separate routing interface and the broadcasts are off it.

Regards,

Norbert

Thanks Norbert, unfortunately that option is not available on this particular network. On any other firewall I'd configure a rule to drop the traffic and not log it, but that does not seem to be an option on the pix.

The pix seems to have some implied rules to deny the traffic and log it. I just want to be able to control it.

jackko
Level 7

you mentioned "I want to drop all broadcast traffic that hits the pix".

pix by default will not forward any broadcast, and simply drop the packet.

True, it is probably more correct to say that I don't want the log entries in the log, which makes me think I can play around with the message number and drop the msg into a different level.
