I have a 2621xm K9 bundle with 12.2(8)T4 running inspect, nat, vpn, ospf
System was installed and configured and working for 4 hours then stopped. when I look at the inspect sessions all the static nat sessions are shown as half open sessions and I cannot access the smtp server through the static nat.
Also had mrtg monitoring the public interface via snmp and this has stopped although the acl still shows matches. can only access snmp on the private interface now.
I have seen this on routers where the network PCs were infected by viruses.
How many half open sessions do you see? Do you see suspicious target ip addresses? Maybe you also see many half opened sessions to external ip addresses with target ports 137-139? In all that cases you should consider to scan for viruses.
There is a limit of half open sessions, after which the router stops forwarding (300 or 500 half open session by default, I think)
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...