We've recently had some odd issues with certain internal IPs getting blocked from accessing our DMZ. It seems almost random: one user will lose access, and the only thing that will restore it is to get a new IP address. I haven't found any events logged anywhere that would explain it; the connection simply times out. I've eliminated other switches or domain controllers as a possibility; traffic gets to the PIX, just not through it. Any ideas?
I would check the NAT configuration on the PIX from the inside to the DMZ. Also, I would verify that resources on the PIX are not being exhausted (xlate table filled, etc). Please reference the following document for some additional items to verify:
We have configured the outside and inside interfaces with official IPv6 addresses and set a default route on the outside interface to our router. We have also defined a rule, which also gets hits, to permit TCP from the inside interface to any6.
In Syslog I also se...