Search results for query: *

Yes, when we point it back to the old Exchange server, we change both of the two statics for the 134 address. Yes, this is a new server we built to replace the old server. We configured it to match the old one, just bigger hardware. We also had MS product team webex and do the config once to...

I realize the config is strange, and definately needs to be reviewed, but there is a reason for the multiple IP's heading for the same system. We separate the functions. 1 for OWA, 1 for SMTP inbound, 1 I can't actually figure out what its used for. :) However, if that was what was causing...

A quick sh int on the other interfaces show the same results; no errors on the interface. I don't know for sure if there are line problems, but if we switch back and point the two 'static' commands toward the 'old' exchange server (10.32.10.6), then it works like a charm. Last night I also...

There is a 2620 Router, followed by a 2950 switch in front of the firewall, and that's all (that we own anyway) that is in front of the firewall. The full config is already posted above. Do you need a new config? Here's the output from the 'sh int eth0' command: interface ethernet0 "outside"...

Here's a thought. When we built the new exchange server, we put the exact same certificate on it, that is/was on the old exchange server. Would that cause this type of behavior? If so, why does it work for a period of time after using the 'clear xlate' command? Here's an output from the...

OK... now we're getting somewhere. Thank you NetworkGhost for that capture setup. I think I see where the issue might be. Here's the output from the capture. I think the 'bad tcp cksum' is not what we should see... am I correct? Thanks, Dennis. 31 packets captured 17:08:06.204579...

Note, the first two 'static' entries are the ones in question. (Sorry, on the earlier posts, I changed the IPs to try to be security-concious, but with the entire config here now, not much chance of that. I did try setting the xlate timeout to 1min, but that didn't work, so I'll work on the...

Here's the full config: PIX Version 6.3(4) interface ethernet0 100full interface ethernet1 100full interface ethernet2 100full interface ethernet3 100full interface ethernet4 auto shutdown interface ethernet5 auto shutdown nameif ethernet0 outside security0 nameif ethernet1 inside security100...

Here are the results of the 'sh timeout' command: timeout xlate 1:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00 timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute If I'm reading this correctly, it looks like a 1...

Oops. I guess you'd want to see the access-lists as well... here are the two listed: access-list NO_NAT_INSIDE; 4 elements access-list NO_NAT_INSIDE line 1 permit ip 10.0.0.0 255.0.0.0 10.252.0.0 255.255.254.0 (hitcnt=40309) access-list NO_NAT_INSIDE line 2 permit ip 10.32.248.0 255.255.252.0...

Here are the results of the 'sh nat' command: nat (inside) 0 access-list NO_NAT_INSIDE nat (inside) 1 10.0.0.0 255.0.0.0 0 0 nat (dmz) 0 access-list NO_NAT_DMZ It doesn't look like there is anything there that would cause the current 'static' commands to not work while the old ones did, but...

Thanks for the quick response. I did remove the two existing static maps before adding the new ones. A quick double-check confirms that the old two entries are no longer in the config. Dennis

I am very new to the Cisco world so please don't be too harsh. I have a PIX 515E in which I made what I thought was a simple change supporting our Exchange Web Mail. There were two STATIC entries formatted like this: static (inside,outside) tcp 64.64.64.64 https 10.32.10.32 https netmask...