Cisco Support Community
New Member

PIX 520 too many connections

I am having a problem: the number of connections on the PIX is growing to over 300 000 connections. The main problem is that idle connections are not closed.

If I run clear xlate, nothing happens; I must reboot the PIX.

4 REPLIES
New Member

Re: PIX 520 too many connections

What version of the PIX OS are you running? This may be a known bug.

New Member

Re: PIX 520 too many connections

Version 5.1(2)207

New Member

Re: PIX 520 too many connections

Need just a little more information. If your show conn is showing that DNS connections are not being released, then it may be bug CSCds02935.

Here's the release note:

DESCRIPTION:

PIX versions 5.1 and above may sometimes not release the UDP DNS connections after the DNS query has resolved.

If a client makes a DNS query through the PIX, and received the reply, the PIX marks the connection as removable, but does not delete the connection entry as indicated by the output of a "show conn".

EXAMPLE:

The output of a "show conn" on the PIX will show many UDP entries, all with the D- flag set. These are entries that can be deleted, but have not been.

FIX:

This bug has been fixed in 5.1(5), 5.2(4), and 5.3(1).

HTH

Jeff

New Member

Re: PIX 520 too many connections

Sounds like you need to change your xlate timeout settings. You might try to update the code and change the xlate timeout.
