PIX 515E Suddenly Dropping VPN Connections- Need Troubleshooting Tips/Adv
Hi All- I've got a PIX 515e that acts also as our main VPN server (local authentication group, etc). This thing has been solid for almost a year. No config changes, no nothing. In the past week it's suddenly started acting bizarre, throwing people off the VPN (we use the Cisco 3.6 VPN client), choaking the Internet connection (we have a full T) despite the CPU utilization appears fine, nothing noticeable shows in the logs and the max connections I'm seen is about 250 at my peak period. 64 MBs of ram on the box, etc.
I've inherited this thing from someone who was much more of a PIX admin than I am so I'll take any ideas, how to's, etc. I won't be insulted with the 101 type stuff if it helps me get to the root of the issue.
By the way, I'm using 6.1.3 for the PDM which I upgraded to about a month ago.
Re: PIX 515E Suddenly Dropping VPN Connections- Need Troubleshoo
Not sure if this will help but I had the same situation happen with my PIX 515E. It was also dropping VPN connections and slowed traffic.
I discovered the culprit was the "fragment " command which I had applied along with some other security settings. I turned it off and everything worked fine again. I need to learn more about that command before I try it again.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...