Connection limit

cygnusman · Jun 27, 2002

I have got our PIX 501 working OK for basic HTTP traffic. I can access the web from most of our workstations BUT not all. It seems I may have the 'connectivity problem' mentioned in another query (thread35-253192). His cure was to upgrade to PIX621.BIN.

All machines running W98 or NT4. Soemtimes will connect but sometimes not. When connection fails I have found that there are 4 or 5 connections shown in console for PIX. If I clear xlate the failed machine will then connect and another will not.

I definitely have a 10 user PIX.

Ideas will be gratefully received.

Thanks

yizhar · Jun 27, 2002

HI.

When you have the problem, what do you get with:

show xlate

What is your current pix version?
Why not open a TAC case and upgrade to latest version?

You can try to avoid unwanted connections in several ways
(I'm not sure which is best but you can try):
Only configure "default gateway" on hosts that are allowed to go out.
Configure nat only for hosts that are allowed to go out, like:

nat 1 192.168.1.7 255.255.255.255
nat 1 192.168.1.15 255.255.255.255
nat 1 192.168.1.35 255.255.255.255
nat 1 192.168.1.87 255.255.255.255
nat 1 192.168.1.111 255.255.255.255
nat 1 192.168.1.2 255.255.255.255

Bye
Yizhar Hurwitz

http://come.to/yizhar

http://teachers.sivan.co.il/yizhar

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Connection limit

cygnusman

IS-IT--Management

yizhar

MIS

Similar threads

Part and Inventory Search

Sponsor