I would like to seek advice on the issue below and would appreciate your assistance.
The PIX IPsec configuration is site-to-site. There are many acl_mdc_outside_crypto_-1_xx to different sites from a single location (AA).
When there is an issue accessing the Lotus Notes application from Site AA to Site BB, all other services are up and working. All IPsec is working fine.
This happens one to two times per week. When it happens, users at Site AA simply cannot access Lotus Notes only, but users at other sites face no issue. The issue was resolved after removing one of the ACL rules and adding the rule back on the Site AA PIX firewall.
Do you know why? I had replaced the firewall with a new one, same model with a different IOS version.
Thank you very much.
Below is the Site AA PIX firewall configuration:
IOS version: 7.2(4)
access-list acl_mdc_outside_crypto_-1_24 extended permit ip host x.x.x.x host x.x.x.x