I'm trying to track down the source of a strange and somewhat illusive issue we are having with Apple client's and internet access.
We have roughly 500 wintel nodes and a handful (perhaps 70) apple nodes accessing the net via a PIX515E Failover pair running version 8 of the pix software. Every once in a blue moon an Apple user will complain that they are unable to use HTTP/SMTP/POP ect. They have full connectivity to the network, can ping and do everything except pass beyond the PIX.
Changing the machines IP address seems to resolve the issue until said user returns 6 months later with the same issue. With 70 odd machines doing this every once in a while, randomly setting static IP's on these machines to get around the issue isn't really the best solution.
I'm basically wondering 2 things:
1) Has anyone seen anything even remotely similar before?
2) Am I correct in sniffing along the shun path with the 515's?
ANY help or pointers, or well, anything really, would be much appreciated!
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...