Pix 515 - Periodically unable to route traffic out "outside" int

Unanswered Question
Oct 24th, 2007
User Badges:

Hi,


Got a problem with one of our Pix 515's - A couple times a day, it will stop routing traffic out of the outside Int(To the Internet) - Attempting to ping anything results in:



ping dns_servers_ip

Sending 5, 100-byte ICMP Echos to dns_servers_ip, timeout is 2 seconds:

?????

Success rate is 0 percent (0/5)


Reloading the device resolves the issue:


ping dns_servers_ip

Sending 5, 100-byte ICMP Echos to dns_servers_ip, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/10 ms


Have tried replacing eth cable....did not resolve problem.


Version: 7.0(2)


Hoping someone has come across this issue before?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
amritpatek Tue, 10/30/2007 - 14:08
User Badges:
  • Silver, 250 points or more

The problem could be that the translation table getting full and thats why none else traffic is able to go out, and the traffic starts to flow again when the Pix is rebooted because the translation table gets clear. This could also be a result of a possible virus or DoS attack. Take the syslogs of Pix in informational level to check for the traffic flowing through it.

reeddavid Fri, 11/16/2007 - 05:50
User Badges:

I had a similar problem, eventually found it was ip address conflict. Make sure nothing else has same IP as your Pix

thebrom Mon, 11/19/2007 - 09:50
User Badges:

sounds like arp poisoning of sorts, have you applied the sysopt no proxy arp inside command? If not that may resolve the issue.

sbaddipudi Mon, 11/19/2007 - 16:38
User Badges:

You can check the arp entries when it works and when it doesn't work


satya

Actions

This Discussion