PIX randomly blocks remote VPN client IP addresses
My PIX 515-E (7.2) blocks IP addresses assigned to Remote VPN users. It seems that blocked IP address are chosen randomly and they are accumulating overtime. I didn't pay attention to it until number of blocked IP addresses become significant. The only way to figure out which IP address is blocked is to run packet-tracer.
10.100.0.100 -- internal address,
10.100.5.167 -- address assigned to Remote VPN client from 10.100.5/24 pool:
Re: PIX randomly blocks remote VPN client IP addresses
These lines look pretty normal to me. This is where dynamic crypto map gets attached to crypto map with lowest priority, and then crypto map is attached to outside interface. Or am I missing something?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...