Home page logo
/

firewall-wizards logo Firewall Wizards mailing list archives

Re: Scheduling PIX commands
From: Brian Ford <brford () cisco com>
Date: Mon, 04 Aug 2008 19:07:28 -0400

Ian,
  
This is why you are pad the big bucks (or pounds).

Even if there was a way of executing a clear xlate (or any other connection
impacting command) you should be sitting in front of a console within a few
minutes walk of the actual appliance when you execute the command.

You should also be thinking about testing that the Firewall and associated
equipment is back up and running properly after the action as part of your
change control activity.

Liberty,

Brian

On 7/9/08 12:00 PM, "firewall-wizards-request () listserv icsalabs com"
<firewall-wizards-request () listserv icsalabs com> wrote:

Date: Thu, 03 Jul 2008 15:22:49 +0100
From: "Ian Rarity" <Ian.Rarity () espc com>
Subject: [fw-wiz] Scheduling PIX commands
To: "Firewall Wizards Security Mailing List"
<firewall-wizards () listserv cybertrust com>
Message-ID: <486CEECC.30AB.00D5.0 () espc com>
Content-Type: text/plain; charset=US-ASCII

Hi all,

We've just made some changes to our PIX config, and we need to clear
the xlates to make the changes fully live.  The only problem with this
is that we also have another system that will react badly (to put it
mildly) to the state of all its connections disappearing when we do
this.  This system gets an hour's downtime at 2am, so the ideal time to
clear the xlates on the PIX seems obvious.
The only problem is that, although I'm mainly nocturnal, I really can
think of better things to be doing at 2am than sitting in our server
room.  Does anyone know of a way to schedule commands to run at a
specified time on a PIX 6.3 firewall?

Ta,
IR.

*********************************
Ian Rarity
Technical Engineer
ESPC (UK) Ltd.
T: (44)131 624 8000
F: (44)131 624 8509
http://www.espc.com ( http://www.espc.com/ )

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault