02-03-2009 12:35 AM - edited 03-11-2019 07:45 AM
Gents,

I have an interesting problem: my company is having timeout problems when accessing a particular web site - this site can be accessed through a standard ADSL connection. We have a PIX 515 OS 8.x at the front of our corporate network.

My question is this:

How can I capture the return HTTP packet information on the outside interface, bearing in mind that the connection has already been established via the ACL on the inside interface?

I need to try and establish if the original SYN packet has received a SYN-ACK reply.

Thanks

Rod
02-03-2009 12:55 AM
Hi,
If you know the destination IP, then create an adequate ACL and capture on the outside interface.
For example: webserver - 1.1.1.1
access-list test permit ip any host 1.1.1.1
access-list test permit ip host 1.1.1.1 any
capture test access-list test interface outside [trace detail]
Regards, Celio
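An added example, not part of the reply above: a Python script that reads text saved from `show capture test` and reports which SYNs toward the web server never received a matching SYN-ACK. The tcpdump-style line layout is an assumption about the capture output, and every address except the thread's 1.1.1.1 is constructed.

```python
import re

# Constructed sample, in the line layout assumed for "show capture test" output.
# 203.0.113.10 stands in for the translated client address seen on the outside.
SAMPLE = """\
   1: 10:15:20.100000 203.0.113.10.1025 > 1.1.1.1.80: S 1000:1000(0) win 65535 <mss 1460>
   2: 10:15:20.180000 1.1.1.1.80 > 203.0.113.10.1025: S 5000:5000(0) ack 1001 win 8192 <mss 1380>
   3: 10:15:20.180500 203.0.113.10.1025 > 1.1.1.1.80: . ack 5001 win 65535
   4: 10:15:25.000000 203.0.113.10.1026 > 1.1.1.1.80: S 2000:2000(0) win 65535 <mss 1460>
   5: 10:15:28.000000 203.0.113.10.1026 > 1.1.1.1.80: S 2000:2000(0) win 65535 <mss 1460>
"""

# number: timestamp src > dst: flags [seq:seq(len)] [ack N] ...
LINE = re.compile(
    r"^\s*\d+:\s+\S+\s+(?P<src>\S+) > (?P<dst>\S+): (?P<flags>\S+)"
    r"(?: (?P<seq>\d+):\d+\(\d+\))?(?: ack (?P<ack>\d+))?"
)

def syn_report(text):
    """Map (client, server) -> {'syn': count, 'answered': bool} per handshake."""
    flows, isn = {}, {}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m or "S" not in m["flags"] or m["seq"] is None:
            continue  # not a SYN or SYN-ACK segment
        src, dst = m["src"], m["dst"]
        if m["ack"] is None:
            # Bare SYN; a repeat of the same flow is a retransmission.
            entry = flows.setdefault((src, dst), {"syn": 0, "answered": False})
            entry["syn"] += 1
            isn[(src, dst)] = int(m["seq"])
        else:
            # SYN-ACK counts only if it acknowledges the client's ISN + 1.
            key = (dst, src)
            if key in flows and int(m["ack"]) == isn[key] + 1:
                flows[key]["answered"] = True
    return flows

def unanswered(text):
    """Flows whose SYN was seen leaving but with no SYN-ACK coming back."""
    return sorted(k for k, v in syn_report(text).items() if not v["answered"])

if __name__ == "__main__":
    for flow, info in syn_report(SAMPLE).items():
        state = "SYN-ACK seen" if info["answered"] else "NO SYN-ACK"
        print(f"{flow[0]} -> {flow[1]}: {info['syn']} SYN(s), {state}")
```

A flow listed by `unanswered()` with several SYNs means the firewall forwarded the request and retried, but nothing came back on the outside interface.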
02-03-2009 01:30 AM
Hi Celio,
I have got the information I require by carrying out the sh conn command; however, the site I am having problems with is showing a saA flag - I understand that this flag indicates that the PIX is awaiting a response. Does this mean that there could be a conflict with the web server IP address and one of the PIX security features?
thanks
rod