12-15-2005 01:52 AM - edited 02-21-2020 12:35 AM
I have this problem with my PIX 525 running version 7.0(1). Almost every packet being sent or received by the PIX for PATed traffic is retransmitted or receives duplicate ACKs. I've seen this reported as a bug on version 6.3 but not on 7.0(1).
Traffic not PATed seems fine.
Has anyone else encountered this problem?
I'm going to upgrade from 7.0(1) to 7.0(4) as soon as possible but not sure this will fix it.
There are no errors on the interface.
Currently all the traffic flows through gig0 as different vlans, even inside and outside.
Any help would be appreciated.
12-21-2005 07:39 AM
I think the issue is Uses TCP and excessive connection requests. To avoid this, configure SYN flooding, which is a type of DoS attack prevention.
12-22-2005 01:04 AM
The problem is that it seems to be valid traffic originating from inside our network.
This problem occurs even with the web traffic I am generating as I'm writing this reply.
All traffic from inside when PATed out seems to have this problem; traffic not PATed works fine.
Whenever traffic is sent out the outside interface of the PIX with the source address of the PIX this problem occurs.
Therefore I don't think it's a SYN flood related problem.
12-22-2005 03:16 AM
Hello, you are right in what you say, and if you upgrade it will cure the issue. I suggest you upgrade to 7.0.4.4 interim as there are many bug fixes in here (37 from 7.0.4.1 to 7.0.4.3 alone). I had a PIX 515E running like a dog that was using PAT, and after the upgrade it is now OK.
I hope this helps.