Hello all. I've got a person with an IP address (auto-assigned from her ISP) who is trying to access my website and they get no response. Logs show that a connection was opened, outgoing packets from our webserver were denied due to lack of a connection entry, and then the connection's torn down.
My configuration has no "ip subnet-zero". Is this feature not available in PIX 7.0(2), and is this even a factor? I have two PIX 515s in failover mode, and the hosts behind are connected to two trunked Catalyst 3650s.
Below are entries from the firewall log. Any help you can render would be greatly appreciated.
Feb 4 14:13:25 192.168.0.1 Feb 04 2010 14:13:35: %PIX-6-609001: Built local-host outside:X.X.X.0
Feb 4 14:13:25 192.168.0.1 Feb 04 2010 14:13:35: %PIX-6-106015: Deny TCP (no connection) from 192.168.0.2/80 to X.X.X.0/17743 flags SYN ACK on interface inside
Feb 4 14:13:25 192.168.0.1 Feb 04 2010 14:13:35: %PIX-6-609002: Teardown local-host outside:X.X.X.0 duration 0:00:00
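An added example, not part of the original post: a small Python parser for the three PIX message IDs in the log above (609001, 609002, 106015). It groups them by remote host and lists hosts whose server SYN ACK was denied for lack of a connection entry, noting whether the address ends in .0 or .255, since the client address in the post ends in .0. The sample lines are constructed, with documentation addresses standing in for the redacted X.X.X.0, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample lines in the same layout as the post's log; 203.0.113.0 and
# 198.51.100.7 are documentation addresses standing in for redacted clients.
SAMPLE = """\
Feb 4 14:13:25 192.168.0.1 Feb 04 2010 14:13:35: %PIX-6-609001: Built local-host outside:203.0.113.0
Feb 4 14:13:25 192.168.0.1 Feb 04 2010 14:13:35: %PIX-6-106015: Deny TCP (no connection) from 192.168.0.2/80 to 203.0.113.0/17743 flags SYN ACK on interface inside
Feb 4 14:13:25 192.168.0.1 Feb 04 2010 14:13:35: %PIX-6-609002: Teardown local-host outside:203.0.113.0 duration 0:00:00
Feb 4 14:13:26 192.168.0.1 Feb 04 2010 14:13:36: %PIX-6-609001: Built local-host outside:198.51.100.7
"""

MSG = re.compile(r"%PIX-\d-(?P<id>\d{6}): (?P<body>.*)$")
LOCAL_HOST = re.compile(r"(?P<op>Built|Teardown) local-host (?P<ifc>\S+?):(?P<ip>\S+)")
DENY = re.compile(r"Deny TCP \(no connection\) from (?P<src>[^/\s]+)/(?P<sport>\d+) to "
                  r"(?P<dst>[^/\s]+)/(?P<dport>\d+) flags (?P<flags>.+?)\s+on interface\s+(?P<ifc>\S+)")

def summarize(text):
    """Group 609001/609002/106015 messages by remote host address."""
    hosts = defaultdict(lambda: {"built": 0, "teardown": 0, "denied_synack": []})
    for line in text.splitlines():
        m = MSG.search(line)
        if not m:
            continue
        if m["id"] in ("609001", "609002"):
            lh = LOCAL_HOST.match(m["body"])
            if lh:
                hosts[lh["ip"]]["built" if lh["op"] == "Built" else "teardown"] += 1
        elif m["id"] == "106015":
            d = DENY.match(m["body"])
            if d and d["flags"].split() == ["SYN", "ACK"]:
                hosts[d["dst"]]["denied_synack"].append((d["src"], int(d["sport"]), d["ifc"]))
    return dict(hosts)

def suspects(text):
    """Hosts whose server replies were dropped, flagged if the last octet is 0 or 255."""
    out = []
    for ip, h in sorted(summarize(text).items()):
        if h["denied_synack"]:
            out.append((ip, len(h["denied_synack"]), ip.rsplit(".", 1)[-1] in ("0", "255")))
    return out

if __name__ == "__main__":
    for ip, n, edge in suspects(SAMPLE):
        print(f"{ip}: {n} SYN ACK denied (no connection); last octet 0/255: {edge}")
```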