for the last week or so since we put in a pix 501 (6.3.4)with a 10 user license there has been at random times one PC (not always the same one) which cannot access the Internet on a LAN with 12 computers. The last time this happened I checked the PIX translations by doing a sh conn and it said 0 in use, 70 most used. There were 12 PC's in the ARP table, and I was able to restore access to for this PC by doing a clear xlate. Is this possibly a license issue, I know the conn table had 0 in use, but 1)how exactly does the PIX count this 10 user restriction?
2)Is there a specific syslog message that is generated when this count is exceeded?
3) I reduced the xlate timeout default to 30min and the conn timeout default to 20min, any other ideas on what could be happening?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...