Pix 515 - Periodically unable to route traffic out "outside" int

Unanswered Question
Oct 24th, 2007

Hi,

Got a problem with one of our Pix 515's - A couple times a day, it will stop routing traffic out of the outside Int(To the Internet) - Attempting to ping anything results in:

ping dns_servers_ip

Sending 5, 100-byte ICMP Echos to dns_servers_ip, timeout is 2 seconds:

?????

Success rate is 0 percent (0/5)

Reloading the device resolves the issue:

ping dns_servers_ip

Sending 5, 100-byte ICMP Echos to dns_servers_ip, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/10 ms

Have tried replacing eth cable....did not resolve problem.

Version: 7.0(2)

Hoping someone has come across this issue before?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
amritpatek Tue, 10/30/2007 - 14:08

The problem could be that the translation table getting full and thats why none else traffic is able to go out, and the traffic starts to flow again when the Pix is rebooted because the translation table gets clear. This could also be a result of a possible virus or DoS attack. Take the syslogs of Pix in informational level to check for the traffic flowing through it.

reeddavid Fri, 11/16/2007 - 05:50

I had a similar problem, eventually found it was ip address conflict. Make sure nothing else has same IP as your Pix

thebrom Mon, 11/19/2007 - 09:50

sounds like arp poisoning of sorts, have you applied the sysopt no proxy arp inside command? If not that may resolve the issue.

sbaddipudi Mon, 11/19/2007 - 16:38

You can check the arp entries when it works and when it doesn't work

satya

Actions

This Discussion