12-22-2005 03:19 PM - edited 03-09-2019 01:27 PM
Our PIX stops responding to pings and does not appear to be passing traffic. Power off/on temporarily fixes the problem for 1-4+ hour hours. What should I look for?
12-22-2005 08:28 PM
lowell,
check for the CPU utilisation of the PIX . use the command "sh cpu usage" and see if the CPU is normal. Also check for errors on the pix, switch port... Are you able to ping the inside interface without any problems when the PIX does not respond ???
Raj
12-23-2005 05:04 AM
Raj, Pings works when traffic is normal. PIX has been stable for past 14 hours - but rebooted 6 times yesterday - it had gone several months OK before that. Greg.
12-23-2005 07:34 AM
It failed again. Messages stopped going to syslog. Console port did not respond. Inside did not ping. Last few syslog messages were warning level - no errors. Power off/on got it going again. CPU Usage in first few minutes after reboot was about 15%. Any thoughts? Thanks in advance, Greg
12-23-2005 09:37 AM
Hello
which OS are u using in PIX ?? Which series of PIX ??Need to check for the caveats in the OS. try using a sniffer on the inside and SPAN the traffic.. See if there are any abnormal traffic when the problem occurs.... or else, raise a tac and replace the hardware, as a last resort....
|
Regards
Raj
12-23-2005 12:46 PM
PIX 515-UR PDM V1.0(1) OS 6.3(1). No protocal analyzer available. Odd that even the console freezes - never had one do that before. Thanks.
12-29-2005 06:31 AM
Just an FYI. This issue appears to have been caused by an attack on my system originating from the ripe.net controlled segments. It has been a while since my PIX has crashed (it's bad when 36 hours seems like a long time). My syslog has been showing greatly reduced traffic. Lesson - keep a working syslog server so you can tell what is normal traffic levels and what isn't. I still think that the firewall should have handled the connection attempts so I may have hardware problems.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: