PIX 515 TCP connections halted for HTTP based traffic
I have a PIX 515 with three interfaces. Outside, Inside, and DMZ. I have had no problems accessing or browsing the internet from inside to the outside. I have recently setup a DMZ to host a mail server, and communication is working fine inside and outside to the DMZ. The problem came when I added a MS portal server on the inside network and an HTTP server in the DMZ. They will communicate perfectly for an Hour or so and then fail with a transmission error almost as thought the PIX denied there requests. I have added the following fixup protocol commands thinking it might be having an intermittent problem on this other port, but had no luck. I am running version 6.2(2). I couldn't find any know bugs or field bulletins relating to this problem and am totally stumped. Anyone have any IDEAS? Oh yeah, I temporarily moved the two servers in the DMZ to bypass the firewall and they work without a problem. Move them back and it works for awhile and then suddenly stops
Re: PIX 515 TCP connections halted for HTTP based traffic
I am having a similar problem. My situation is such that I have two machines behind the PIX on the inside interface. One of them is a RedHat 9.0 box (dual-homed) and the other is an MS Proxy 2.0 box (dual-homed). The issue is that I can not seem to get to HTTP sites from the Redhat machine, however, I can get to FTP sites, and DNS works as well.
The MS Proxy works just fine - http, ftp, dns, etc.
I have the following on the PIX:
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0 norandomseq
I see translations for both machines when I do a sh xlate, but the Redhat box still has problems.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :