Frequently Asked Questions

The following Frequently Asked Questions, answered by the authors of this book, are designed to both measure your understanding of the concepts presented in this chapter and to assist you with real-life implementation of these concepts. To have your questions about this chapter answered by the author, browse to www.syngress.com/solutions and click on the "Ask the Author" form.

Q.		What happens when FTP fixup is not enabled?
A.		There are several cases: Outbound active FTP sessions will not work because the outside servers will not be able to open a data channel to an inside client. Outbound passive FTP sessions will work normally if outbound traffic is not explicitly disabled, because all connections in this case are initiated by an inside client. Inbound FTP active connections will work normally if there are a static NAT entry and an access list allowing outside clients to connect to the inside server. Inbound FTP passive FTP connections will not work because outside clients will not be able to open data connections to the inside server.
Q.		I have a PIX and an SMTP server configured on its inside network. Sometimes I get two copies of incoming mail messages. What is wrong with my server?
A.		Nothing is wrong; there is a slight misbehavior on the PIX side. You probably have fixup protocol smtp configured. Some versions of PIX software send an error message to relaying servers when a final dot in the message...

< Previous Excerpt Next Excerpt >

Cisco Security Specialist's Guide to PIX Firewalls

TABLE OF CONTENTS

Frequently Asked Questions

Contact Preferences

This is embarrasing...

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

This is embarrasing...