I currently have our Windows 2000 development servers located in our DMZ seperate from our internal zone. I create a share on these machines for our development guys to transfer files directly to the environment and lock the shares down to only their accounts. I am having issues with the machine dropping the share connections randomly. The dev guys can reconnect right after the disconnect, but its really inteferring with their development work. I use a Cisco Pix 520 with and internal zone and a DMZ zone for the dev machines and a 6509 with seperate VLANs for internal, DMZ, external zones. I've even experienced this issue when I connect to copy files locally to my system before I moved them to the live production systems. I've also checked the memory usage on the machines and there is plenty of free memory. Does anyone have any suggestions as to what may be happening.
I had the same issue, users on the inside network were losing connection to windows shared directory randomly which is located on the DMZ segment. I fixed this issue by giving static NAT IP address to the windows 2000 server. Before users were using global IP address (PAT) to connect to windows server and hence having this issue. PAT doesn't work very well with Netbios sharing.
this bug fix was included with SP4 so if you have that you have the fix. i am running SP4 and still experiencing the issue. when i move the machine back into my internal network the issue goes away, so i strongly believe it to be an issue with the PIX. most likely in the configuration, but I haven't had time to setup a new test lab to test different configs.
anyway, our setup is little bit different - we've got 7600 routers with FWSM blades. there's a w2k (with sp3) server which belongs to VLAN x and some w2k workstations in VLAN y. traffic between those subnets is passed through nat 0 access-list feature. problem occurs while copying bunch of files (~600 megabytes)from this server to a client (transferring it from command line says "network name is no longer available" after some time of copying). I've been doing some port monitoring and packet capturing with tools like ethereal, but they haven't revealed anything interesting. the share is available after dropping the connection. the server is connected to the switch with two broadcom NICs with load balancing feature (different MACs, common IP address) and whole setup does not suffer any performance problems. hints anyone?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...