PIX 515E.... Urgent..

Unanswered Question
Jul 2nd, 2008

Hey Guyzz

I have a PIX 515E firewall and it frequently loses Internet Connectivity and in order to restore it, I have to reboot my firewall and everything becomes normal.

I have to reboot after every half an hour.

Could any 1 help me out with this issue.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
1cmerchant Wed, 07/02/2008 - 04:59

I'd start by enabling syslogging if you haven't already done so and turn up the traps to the debugging level. Also might want to consider capturing the console output from one of the frequent manual reboots to see if anything shows there. Other than that I'd suggest getting a TAC case open as there are lots of things this could be.

hussainseth Wed, 07/02/2008 - 10:38

thanks for your response. Well in my office network connectivity goes down frequently. we cannot access neither Internet nor our mail server in DMZ. I have to reload the Firewall in order to restore connectivity. Please find attached running configuration.

JORGE RODRIGUEZ Wed, 07/02/2008 - 19:41

Hussain,

Before you reboot the device you have to either telnet to the PIX or console if it does not responds to telnet and conduct some test such as pinging your default route, and ping fruther upstream. Your description of lossing internet would be one thing but at the same time not able to connect to the mail server in the DMZ from inside which does not depends on internet seems very odd, so when this connectivity problem occurs console to the pix and try pinging mail server ip local address 10.10.10.2 in DMZ , default route, and ping by ip a public address such as www.yahoo.com at 69.147.76.15 which accepts icmp queries, with this simple test you can narrow down troubleshooting efforts, have you tried these tests before rebooting pix?

Rgds

-Jorge

hussainseth Wed, 07/02/2008 - 22:42

ya i have tried that. I can ping the firewall. ya i know DMZ doesnt depend on Internet but its true that i cannot access my DMZ internally. i can only ping firewall. i cannot ping the public address too. One more thing, when my connectivity is lost, all my access-list gets deleted automatically and after reloading it comes backup. This is really very strange.

Actions

This Discussion