FWSM: Strange xlate causing lost connectivity

hoffa2000
Level 3

Hi (again)

I've had some really weird problems with my FWSM after a migration this weekend.

The network is set up as seen below. "ApplicationNet" and "UserNet" have the same security level and I have "same security permit intra interface" enabled.

Internet
   |
   |
  FWSM----ApplicationNet
   |
   |
UserNet

I have a static set up to redirect web traffic to a server on our DMZ, and this is causing me a lot of problems.

Suddenly the users from the Internet cannot access the web service and neither can anyone on the UserNet.

I do a show xlate detail and get the following result

Flags: D - DNS, d - dump, I - identity, i - inside, n - no random,
       o - outside, r - portmap, s - static
1223 in use, 10418 most used
NAT from INTERNET:217.15.245.131 to INTERNET:217.15.245.131 flags Ii

I do a clear xlate on the global IP and the same show command then gives

Flags: D - DNS, d - dump, I - identity, i - inside, n - no random,
       o - outside, r - portmap, s - static
1168 in use, 10418 most used
NAT from DMZ:192.168.144.201 to INTERNET:217.15.245.131 flags si

And once again the web service is accessible. Then later the same day I get the same problem again and can't see anything on the syslogs despite running on debug level.

What's going on here?

/Fredrik
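
A monitoring check for the symptom described in this post, as an added example that is not part of the original post: it parses `show xlate detail` output and reports when a global address that should be held by a static translation is held by an identity xlate instead. The function names and the `EXPECTED` table are assumptions; the sample text is the two outputs quoted above.

```python
import re

# Entry format as it appears in the `show xlate detail` output quoted in the post.
XLATE_RE = re.compile(
    r"^\s*NAT from (?P<lif>\S+?):(?P<lip>[\d.]+) "
    r"to (?P<gif>\S+?):(?P<gip>[\d.]+) flags (?P<flags>\w+)\s*$"
)

def parse_xlates(text):
    """Return one dict per NAT entry; header and counter lines are skipped."""
    return [m.groupdict() for m in map(XLATE_RE.match, text.splitlines()) if m]

def check_statics(text, expected):
    """expected maps (global_if, global_ip) -> (local_if, local_ip).
    Returns (global_ip, status, detail) tuples; status is one of
    ok / identity / unexpected / absent."""
    findings = []
    entries = parse_xlates(text)
    for (gif, gip), local in expected.items():
        hits = [e for e in entries if (e["gif"], e["gip"]) == (gif, gip)]
        if not hits:
            findings.append((gip, "absent", "no xlate present"))
        for e in hits:
            detail = f'{e["lif"]}:{e["lip"]} flags {e["flags"]}'
            if (e["lif"], e["lip"]) == local and "s" in e["flags"]:
                status = "ok"
            elif "I" in e["flags"]:
                status = "identity"  # the state the post shows while the service is down
            else:
                status = "unexpected"
            findings.append((gip, status, detail))
    return findings

# Hypothetical table of statics to watch, filled with the mapping from the post.
EXPECTED = {("INTERNET", "217.15.245.131"): ("DMZ", "192.168.144.201")}

# The two outputs quoted in the post: failing state, then the state after clear xlate.
BROKEN = """Flags: D - DNS, d - dump, I - identity, i - inside, n - no random,
       o - outside, r - portmap, s - static
1223 in use, 10418 most used
NAT from INTERNET:217.15.245.131 to INTERNET:217.15.245.131 flags Ii"""
WORKING = """1168 in use, 10418 most used
NAT from DMZ:192.168.144.201 to INTERNET:217.15.245.131 flags si"""

if __name__ == "__main__":
    for label, text in (("before clear xlate", BROKEN), ("after clear xlate", WORKING)):
        print(label, check_statics(text, EXPECTED))
```

Run against periodic captures of the xlate table, a change from `ok` to `identity` gives a timestamp to correlate with syslog.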
