- A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: OT: Sort of..PIX v/s IOS Firewall [7:85368] posted 03/05/2004
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]

----- Original Message -----
From: "Priscilla Oppenheimer" 
Sent: Friday, March 05, 2004 6:00 PM
Subject: Re: OT: Sort of..PIX v/s IOS Firewall [7:85368]

> Carroll Kong wrote:
> >
> > I think it's pretty clear it was not that easy to revamp it
> > 100% as those
> > who have worked with both can already list a few user interface
> > differences.
> For heaven's sake, why couldn't they at least port "copy running-config
> startup-config" to the PIX? I hate having to remember "write mem." I never
> used it after they came up with the much more intuitive "cop run start."

I think I was able to shorten it a touch more with the even MORE intuitive
"cop ru st" vs
"wr mem"

Darn still seems like a few chars more than the old wr mem favorite!
Although I hear Cisco wants to deprecate "wr mem" in favor of the "cop ru
st" combo.  :)

> And, while we're at it... What's with the ridiculous RIP implementation on
> PIX 6.2? I was dismayed to discover that all it can do is inject a default
> route (send a RIP update for and/or passively listen to RIP
> from other routers. And the listening actually doesn't seem to work. I
> didn't have time to troubleshoot this, but it didn't seem to me that my
> added any routes to its routing table when I turned on RIP passive even
> though I had other routers out that interface generating perfectly good
> RIPv1 packets. (I tried v2 also, with no luck).
> Gave up and used static routes. Is RIP any better in PIX 6.3?
> Priscilla

I have not used RIP with Pix lately.  You could try their OSPF but I am
fairly certain that is a 6.3 feature.  :)

I think 5.X required the "neighbor statements" from their neighboring RIP
partners for directed RIP statements.  I think 6.X should support good ol
fashioned broadcast/multicast style last I tried.

Pretty sure the Pix is still a passive RIP learner (or default route
injector at best) but it "should" have picked up broad/multicast RIP

Hm... my colleagues wanted to run OSPF on the Pix and frighteningly enough
it seems it might be able to generate and receive.

I will find out the status on how well that OSPF worked on the Pix.  I am
sure you are ecstatic and confident about it considering how well your
experience with Rip went.  ;)

- Carroll Kong

Message Posted at:
**Please support GroupStudy by purchasing from the GroupStudy Store:
FAQ, list archives, and subscription info: