Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Static translation problem

Hi All,

I have the following configuration for DMZ

access-list permit-outside permit ip any any

static (DMZ,external) 1.1.1.0 1.1.1.0 netmask 255.255.255.224 0 0

access-group permit-outside in interface external

1.1.1.0/27 are real ip addresses,

the problem is that if I start pinging hosts from outside to the DMZ I have a large packets loss, and it looks like the hosts behind the pix in dmz are disapearing for 2-3 seconds, then they appear, but if i ping from hosts in DMZ to the outside I do not have packet loss at all.

The same is true for a other protocols, a simple ssh session have the same problems.

Will appreciate any help,

Thanks

1 REPLY
Silver

Re: Static translation problem

It sounds like it could be an ethernet problem with autonegotiation of speeds. Can the outside hosts and/or dmz hosts reliably ping the interfaces of the PIX? If there is a duplex or speed mismatch between the interfaces of the pix and a managed switch, you could see that kind of packet loss

102
Views
0
Helpful
1
Replies
CreatePlease login to create content