We have PIX 501 firewall outside interface connected via a cross-over cable to a Verilink IADs 8000 which is basically an ADSL modem. Everything worked fine until recently. Now there seems to be no connection between the PIX and the modem, I cannot ping default gateway of the PIX. We checked cabling, replaced the PIX and the cross-over cable with the same result. I connected a laptop directly to the modem instead of the PIX and there still was no connectivity. Then I played with the laptop NIC settings and found out that if the NIC is set to 10MBit/Half duplex the connection works. Now I setup PIX outside interface port to 10baset, there is a connection but with a lot of time-outs when pinging remote host. I replaced the PIX with cheap NetGear firewall and it was working straight away. Finally I placed a switch between the PIX and the modem and it worked.
To sum up the test results:
Production PIX - no connection
Replacement PIX - no connection
Laptop (NIC on auto) - no connection
Laptop (10mb/half) - connected
Prod PIX on 10MB/half - connected with drop-outs
NetGear firewall - connected
We have got four other locations with exactly the same config PIX 501-ADSL Verilink 8000 and all works fine.
It seems to me we are having some ethernet-level problem between the PIX and the modem. Our provider does accept they modem could be faulty as long as we managed to connect from the laptop.
Now the questions.
1. Why the PIX does not have connectivity when connected directly and it does when connected via a switch?
2. Is there any way to look into what is happening on the PIX interface at the ethernet level?
Any thoughts, advice, suggestion on troublshooting and, possibly, shifting the blame to provider are greatly appreciated.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...