Pix 515e stops nating out of the blue

bob · ‎01-24-2003

Currently i have a pix 515e serving three buildings. Recently i have had a problem where every 2 days it will just stop nating. If i reboot the pix everything is grand and works well. Its an unlimited license so i know thats not the issue.. I first thought possibly my ISP may have provided me with the wrong range of IPs so i narrowed my pool down and still have the same problem.

heres a snipit of my config regarding nat, and pool.

global (outside) 2 xxx.xxx.xxx.231-xxx.xxx.xxx.240

nat (inside) 2 xxx.xxx.xxx.0 255.255.255.0 0 0

Should I try simply nating to one single external IP?

I have come to the conclusion that NAT isnt working via ping. 2 machines beside each other, one not having internet and the other one does. The one which works ( and yes its going through the pix) can ping anything in the world. The one that doesnt can no ping even my ISPs router. I were say to ping a domain it doesnt even resolve the IP. (DNS external)

Anyone else have this problem?

wolfrikk · ‎01-24-2003

You will need to configure your global statement with one IP Address if you need more than the 10 IP's you have in the current global statement. When you use multiple IP's in the global statement it creates a NAT which does a one to one mapping of external to internal IP's. When the 10 external IP's are all mapped to an internal IP, the PIX will stop natting until a connection if released. Using one IP Address in the global statement creates a PAT which uses port mapping to create a one to many mapping from the single external IP Address to many internal IP Addresses.

bob · ‎01-24-2003

Thank you sir, I will make the change tomorrow while no one is in the office and post back the outcome.

Thank you.

-Bob