Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
266
Views
4
Helpful
4
Replies

PIX515 and SMTP problems

christopher.beyer
Level 1
Level 1

‎06-10-2006 03:29 PM - edited ‎03-09-2019 03:12 PM

Hello!

I have a PIX 515 (ver 6.3) that seems to be dropping packets that it should not, and I am not sure how to figure out why.

Specifically, when I use a client on the private side of the PIX to connect to a server on the public side (FTP, SMTP, etc.) I start seeing retransmissions/duplicate acks after the connection is succefully established. Using ethereal, I everything hitting the public side of the PIX, but for some reason it does not get through.

I have checked the usual things: WAN link congestion, LAN interface errors, CPU utilization, ACL violations, etc. I have not been able to determine the reason.

Does anyone have some advice on other things to check?

I am only running 32mb of RAM (and I think the reccommended for 6.3 is 64MB)... could this be a possible cause?

Thanks for your help!

-->Chris

Labels:
0 Helpful
4 Replies 4

a.hajhamad
Level 4
Level 4

‎06-11-2006 07:24 AM

Hi Chris,

I don't thing that memory is the problem.

You need to do many tests like...

- Check from the private subnet from a PC connecting to an FTP,SMTP server at the interface other than public. i.e. Try to configure an FTP server and place it in that new subnet (DMZ), and start testing from a private PC.

- OR place that PC in this new subnet (DMZ) and start connecting to the Public FTP,SMTP server that you mention above.

I think these tests will help you troubleshoot your case.

Plz. update me about your results.

Thank you

Abd Alqader

christopher.beyer
Level 1
Level 1
In response to a.hajhamad

‎06-12-2006 03:16 AM

Abd -

Thanks for your input. Here is basically what I have done:

- I placed a test PC on the outside of the PIX, and ran FTP/SMTP to multiple hosts through my Internet link with no issues.

- When I use the same PC (on the private side of the PIX) to perform large FTP/SMTP transfers, I start getting drops and retranismissions.

I don't have any additional interfaces to use for creating a new DMZ for testing on my PIX... I suppose I could make the private interface a trunk and try to build a DMZ that way. Will that help narrow down the problem?

It seems by using the Test PC to remove the PIX from the scenario (and testing successfully), it is safe to say the PIX is the problem. I just don't know why it is the problem....

.. I have attached a diagram to help make the explanation of what I have done to troubleshoot so far a little clearer.

--->Chris

Preview file
67 KB
0 Helpful

jmia
Level 7
Level 7

‎06-12-2006 04:08 AM

Chris

Your issues might be related to IDENT on the public side servers, take look here to see if this helps:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094317.shtml

Let me know how you get on.

Jay

christopher.beyer
Level 1
Level 1

‎06-14-2006 09:24 AM

Thanks to everyone for your responses to my problem!

I installed additional memory to bring the friewall up to 128MB and my problem seems has dissappeared.

-->Chris

0 Helpful
Customers Also Viewed These Support Documents