How to check the neigbor devices in PIX (something like CDP)

PIX firewalls do not support CDP protocol. It's security device, and should be as invisible as possible... :-)

Good luck,

Mike CCNP, CCDP, CCSP, Cisco Voice, MCSE W2K, MCSE+I, Security+, etc. CCIE R&S (in progress), CCIE Voice (in progress)

------ Headset Adapters for Cisco IP Phones

I know PIX doesn't support CDP and it shouldn't. My question was what is the way to check the directly connected neigbor device from PIX without physically seeing the connections.

Phoneswww.ciscoheadsetadapter.comwww.headsetadapter.com

quoted text -

No, there isn't.

What about checking the arp table? It will give you at least the mac address of the directly connected devices.

Only if the PIX has needed to talk to those devices, which is not generally the case. If I recall correctly, PIX 7 is being discussed here, which implies a PIX with multiple physical interfaces, the 'inside' one of which is connected to a router or switch (not a PIX 501 where end devices might be plugged directly into the firewall.) So the "directly connected neighbour device" is going to be some kind of distribution device rather than an endpoint -- and distribution devices won't show up in the arp table unless the PIX has reason to talk to the device itself. (Correction: if the distribution device is a router, then one of the router's MAC addresses is what would show up in the ARP table, for any IP address that gets routed through the device rather than switched.)