I am very new to the Cisco world so please don't be too harsh.
I have a PIX 515E in which I made what I thought was a simple change supporting our Exchange Web Mail.
There were two STATIC entries formatted like this:
static (inside,outside) tcp 64.64.64.64 https 10.32.10.32 https netmask 255.255.255.255 0 0
static (inside,outside) tcp 64.64.64.64 255.255.255.255 0 0
which allowed ports 80 and 443 heading for 64.64.64.64 on to our exchange server at 10.32.10.32.
We built a newer exchange server that we want to be the main one now, and applied changed the STATIC entries as such:
static (inside,outside) tcp 64.64.64.64 https 10.2.0.32 https netmask 255.255.255.255 0 0
static (inside,outside) tcp 64.64.64.64 255.255.255.255 0 0
But after doing so, we must continually enter the 'CLEAR XLATE' command in order for clients to hit the server. When we enter 'CLEAR XLATE' we have about 30 seconds of functionality before we lose the ability to hit the exchange server.
I have put a sniffer on the 10.2.0.32 server and see the traffic come thru to it for those 30 seconds, and then nothing, like the PIX is filtering it.
I'm at my wit's end now and am reaching out for assistance. Does anyone know why this is behaving like this? Have I missed something simple (very likely with me).
Thanks.
Dennis
I have a PIX 515E in which I made what I thought was a simple change supporting our Exchange Web Mail.
There were two STATIC entries formatted like this:
static (inside,outside) tcp 64.64.64.64 https 10.32.10.32 https netmask 255.255.255.255 0 0
static (inside,outside) tcp 64.64.64.64 255.255.255.255 0 0
which allowed ports 80 and 443 heading for 64.64.64.64 on to our exchange server at 10.32.10.32.
We built a newer exchange server that we want to be the main one now, and applied changed the STATIC entries as such:
static (inside,outside) tcp 64.64.64.64 https 10.2.0.32 https netmask 255.255.255.255 0 0
static (inside,outside) tcp 64.64.64.64 255.255.255.255 0 0
But after doing so, we must continually enter the 'CLEAR XLATE' command in order for clients to hit the server. When we enter 'CLEAR XLATE' we have about 30 seconds of functionality before we lose the ability to hit the exchange server.
I have put a sniffer on the 10.2.0.32 server and see the traffic come thru to it for those 30 seconds, and then nothing, like the PIX is filtering it.
I'm at my wit's end now and am reaching out for assistance. Does anyone know why this is behaving like this? Have I missed something simple (very likely with me).
Thanks.
Dennis