12-06-2005 11:25 AM - edited 02-21-2020 12:34 AM
Hello,
for the last week or so since we put in a pix 501 (6.3.4)with a 10 user license there has been at random times one PC (not always the same one) which cannot access the Internet on a LAN with 12 computers. The last time this happened I checked the PIX translations by doing a sh conn and it said 0 in use, 70 most used. There were 12 PC's in the ARP table, and I was able to restore access to for this PC by doing a clear xlate. Is this possibly a license issue, I know the conn table had 0 in use, but 1)how exactly does the PIX count this 10 user restriction?
2)Is there a specific syslog message that is generated when this count is exceeded?
3) I reduced the xlate timeout default to 30min and the conn timeout default to 20min, any other ideas on what could be happening?
-patrick
12-06-2005 02:40 PM
hi,
what were the number of xlat entries at that time.
you should issue "show xlat" not "show conn" for that.
yes there should be specific syslog generated
thanks
Nadeem
12-07-2005 09:08 AM
Hi Nadeem,
I don't know what the count of xlate's was during the time of the PC not being able to access, but this is what the current table looks like:
xxx# sh xlate
10 in use, 105 most used
PAT Global xxx(2829) Local 10.0.0.60(1082)
PAT Global xxx(2831) Local 10.0.0.60(1085)
PAT Global xxx(2830) Local 10.0.0.60(1084)
PAT Global xxx(1633) Local 10.0.0.2(1052)
PAT Global xxx(2833) Local 10.0.0.60(1088)
PAT Global xxx(2832) Local 10.0.0.60(1087)
PAT Global xxx(1635) Local 10.0.0.60(1083)
PAT Global xxx(1634) Local 10.0.0.60(1081)
PAT Global xxx(2834) Local 10.0.0.71(1174)
PAT Global xxx(1636) Local 10.0.0.60(1086)
I didn't see anything in syslog, however I'm only doing buffer logging, I may have missed it.It shows 10 in use, from 3 IP's. how does the PIX see this license wise?
Thanks for your help
-Patrick
12-16-2005 03:40 PM
the license is based on IP addresses and not based on the number of connections from a single IP or number of xlat entries.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide