My GW router is getting many IP spoofing and other attempts.My internet traffic suddenly goes up without any reason.
To tackle with i have get a pix 501.What must be the physical placement of the firewall. Should i place it behind my internet router (b/w internet router and LAN) or even before internet router to avoid unwanted traffic ?
In addition to Francisco's post, you may need to do additional filtering in your router facing ISP/Internet, even by placing firewall it is recommended to implement some additional security in your edge router.
Go over this link which provides anti-spoofing acls .
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...