I setup a Pix 501 with PAT. Static NAT systems and computers that are on do not have any issues. Any computer that is turned off and then back on can't access the internet. ICMP works. TCP does not. I have to go in a clear xlate then the computer can access the internet. Last couple of mornings users have complained they can't get on the Internet until I get in a clear xlate. Below is my nat config and xlate timeout.
How many licenses do you have for this device? Are they being tapped out? Clearing the xlate table would fix the issue since it would allow for all new connections, but if you have a 10 user license and you have 15 users, 5 users won't be able to get on until some others time out.
You can do a "sh ver" to see what your license count is.
Thanks, that was it. For some reason I though I had the unlimited. Didn't even think about that. I am assuming it is using the arp table to cound licenses. Will a deny acl block systems from using up one of the licenses?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...