Link to home
Start Free TrialLog in
Avatar of kecoak
kecoak

asked on

CISCO PIX default value?

http://www.fredshack.com/docs/ciscopix.html

"
no rip outside passive
no rip outside default
no rip inside passive
no rip inside default " 

If I remove this line from the config file, is that mean RIP is enabled by default? I am just confused , what would be the default value for each config parameters if it is not shown on the config files? Any references for this/


# wr t
 
Building configuration...
: Saved
:
PIX Version 5.0(2)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password oKroi3K/PjdKC0cb encrypted
passwd Qsk.IjEXMTnDdvO0 encrypted
hostname mypix
fixup protocol ftp 21
fixup protocol http 80
fixup protocol smtp 25
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol sqlnet 1521
names
pager lines 24
no logging timestamp
no logging standby
no logging console
no logging monitor
no logging buffered
no logging trap
logging facility 20
logging queue 512
interface ethernet0 auto
interface ethernet1 auto
mtu outside 1500
mtu inside 1500
ip address outside 100.100.100..253 255.255.255.0
ip address inside 172.20.1.253 255.255.0.0
no failover
failover timeout 0:00:00
failover ip address outside 0.0.0.0
failover ip address inside 0.0.0.0
arp timeout 14
global (outside) 1 100.100.100..20-100.100.100..250 netmask 255.255.255.0
nat (inside) 0 200.200.200.0 255.255.255.0 0 0
nat (inside) 1 172.20.0.0 255.255.0.0 0 0
static (inside,outside) 100.100.100..3 172.20.1.125 netmask 255.255.255.255 0 0
static (inside,outside) 100.100.100..4 172.20.1.102 netmask 255.255.255.255 0 0
conduit permit icmp any any
conduit permit tcp host 100.100.100..3 eq domain any
conduit permit udp host 100.100.100..3 eq domain any
conduit permit tcp host 100.100.100..3 gt 1023 any
conduit permit udp host 100.100.100..3 gt 1023 any
conduit permit tcp host 100.100.100..4 eq 6101 host 100.100.100..1
conduit permit tcp host 100.100.100..4 eq 6101 host 100.100.100..2
no rip outside passive
no rip outside default
no rip inside passive
no rip inside default
route outside 0.0.0.0 0.0.0.0 100.100.100..254 1
route inside 0.0.0.0 0.0.0.0 172.20.1.254 1
timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00
timeout rpc 0:10:00 h323 0:05:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
telnet 172.20.1.99 255.255.255.255 inside
telnet timeout 5
terminal width 80
Avatar of ondemandns
ondemandns

Well, RIP is not enabled by default on PIX interfaces.  I'm not sure why these commands were included in the example config.  I guess the example is showing how one could forcefully turn RIP off for the "inside" and "outside" interfaces.
If you purchased the PIX used it may have been put in the config just to ensure the system worked correctly when delivered.
ASKER CERTIFIED SOLUTION
Avatar of naveedb
naveedb

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial