GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: OT: Sort of..PIX v/s IOS Firewall [7:85368] posted 03/05/2004
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


----- Original Message -----
From: "Priscilla Oppenheimer" 
To: 
Sent: Friday, March 05, 2004 6:00 PM
Subject: Re: OT: Sort of..PIX v/s IOS Firewall [7:85368]


> Carroll Kong wrote:
> >
> > I think it's pretty clear it was not that easy to revamp it
> > 100% as those
> > who have worked with both can already list a few user interface
> > differences.
>
> For heaven's sake, why couldn't they at least port "copy running-config
> startup-config" to the PIX? I hate having to remember "write mem." I never
> used it after they came up with the much more intuitive "cop run start."
:-)

I think I was able to shorten it a touch more with the even MORE intuitive
"cop ru st" vs
"wr mem"

Darn still seems like a few chars more than the old wr mem favorite!
Although I hear Cisco wants to deprecate "wr mem" in favor of the "cop ru
st" combo.  :)

> And, while we're at it... What's with the ridiculous RIP implementation on
> PIX 6.2? I was dismayed to discover that all it can do is inject a default
> route (send a RIP update for 0.0.0.0) and/or passively listen to RIP
updates
> from other routers. And the listening actually doesn't seem to work. I
> didn't have time to troubleshoot this, but it didn't seem to me that my
PIX
> added any routes to its routing table when I turned on RIP passive even
> though I had other routers out that interface generating perfectly good
> RIPv1 packets. (I tried v2 also, with no luck).
>
> Gave up and used static routes. Is RIP any better in PIX 6.3?
>
> Priscilla

I have not used RIP with Pix lately.  You could try their OSPF but I am
fairly certain that is a 6.3 feature.  :)

I think 5.X required the "neighbor statements" from their neighboring RIP
partners for directed RIP statements.  I think 6.X should support good ol
fashioned broadcast/multicast style last I tried.

Pretty sure the Pix is still a passive RIP learner (or default route
injector at best) but it "should" have picked up broad/multicast RIP
packets.

Hm... my colleagues wanted to run OSPF on the Pix and frighteningly enough
it seems it might be able to generate and receive.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref
/mr.htm#wp1097803

I will find out the status on how well that OSPF worked on the Pix.  I am
sure you are ecstatic and confident about it considering how well your
experience with Rip went.  ;)



- Carroll Kong




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=85451&t=85368
--------------------------------------------------
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html