[c-nsp] disable stateful firewall on PIX?
Michael K. Smith
mksmith at adhost.com
Thu Apr 13 13:36:27 EDT 2006
On 4/13/06 10:28 AM, "Adam Greene" <maillist at webjogger.net> wrote:
> Hi,
>
> We have to run asymmetrical routing on a couple of IP blocks for a couple of
> days (i.e. traffic will exit one end of our autonomous system and enter at
> the other end). Both ends are protected by PIX-515's (IOS 6.3(4) and
> 6.3(3),).
>
> Is there a way to temporarily disable stateful features on the PIXes for
> these specific IP blocks? Pounding our heads against CCO has not yet yielded
> any constructive results.
>
> Thanks,
> Adam
>
>
Hello Adam:
I'm not sure if this is the answer you're looking for, but it sounds like
you're having difficulty with the reverse path verification process. If
that is the case, try:
No ip verify reverse-path interface <if_name>
If that's not it, sorry for the noise!
Mike
More information about the cisco-nsp
mailing list