Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Pix 520 & Nat issue

I have PIX 520 with "PIX Version 4.2(4)". Some inside workstations are permitted to go to Internet through the PIX using NAT and Global commands.

Suddenly some of the workstations can't reach the Internet, and I must do "clear xlate" to enable them to reach the internet again

Are threr any fix?

MZ

5 REPLIES
Silver

Re: Pix 520 & Nat issue

Please execute a show version on see if your PIX has a limited session license. It sounds to me that you´re having a limited session license, while having more internal users then your license. This would give this kind of behaviour.

Kind Regards,

Leo

New Member

Re: Pix 520 & Nat issue

The "show version" results stated that:

PIX version is 4.2(4) with 8 MB flash

and 128 MB RAM, and it's unlimited license.

On the other hand, this PIX with the same configuration was working properly for 2 years before I get the current problem

Best regards

MZ

Gold

Re: Pix 520 & Nat issue

Hi -

Can you post any syslog messages when your inetrnal users get dropped.

Thanks -

Silver

Re: Pix 520 & Nat issue

Hi,

I have had a similar problem (interface stops forwarding for all stations on one interface).

After several months of problems we made a TAC case of it, and after several things trying (TAC could not determine the problem) we did one thing that gave the solution. What we did?

We disabled all logging!

After talking to TAC again we believe that the PIX 520 does not handle logging buffers to well, and that at some point CPU or memory loads peaks when it is logging, causing to stop an interrupt (sometimes it where two interfaces stopping and even sometimes the whole PIX booted spontaniously)

Don't know if this can be the cause of your problems to, but it is worth a shot, don't you think? So, I would disable all logging for a while, and see if problems are over.

Kind Regards,

Leo

New Member

Re: Pix 520 & Nat issue

Hi,

For sorry, all logging are disabled on the PIX, and I have no syslog servers

Best regards

MZ

133
Views
0
Helpful
5
Replies
CreatePlease login to create content