Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Possible Interface Failure? 1

Status
Not open for further replies.

hinesjrh

MIS
Jan 4, 2005
260
US
Our PIX (515e ver. 6.3(1)) seems to be causing me problems lately [thumbsdown]. At random, I will loose the connection to my ISP. When this happens, I will contact my ISP who can ping to the smartjack and to the external interface on my Cisco 2620 router. Rebooting the 2620 router does NOT reistablish the connection, but rebooting the PIX does. Prior to the reboot, all other traffic passing through the PIX (internal corporate traffic) is working fine.

My connection from the ISP is through the 2620 router I mentioned, into my Cisco 4006 switch (VLANed), then out of that switch to the external interface on my PIX, and then out the other interfaces to the rest of my corporation.

A few changes I have made over the last couple of months are: Adding a VPN to an external vendor, monitoring the PIX w/ the Cisco/PIX syslog server (set up via the PDM), and we added the Websense filtering product interfaced via the PIX.

CPU on my PIX runs less than 35%, and MEM runs 30 meg. used or less (out of 64).

What might be causing this disconnect? Are there any known issues with PIX ver 6.3(1)?
 
First thing I would do is upgrade to 6.3(4) since it has fixes for several bugs and it is the latest released train.
If the problem persists then you need to troubleshoot the issue; does a clear arp solve the problem? does a clear xlate solve it? Are you able to ping the outside router? How high are the xlate and connection counters? etc.

The links below can help you troubleshoot this problem:



 
Is there a way to upgrade the IOS on my PIX via the PDM? I see a setting in PDM for "auto update" but I am not sure what all that involves or does[rednose].
 
auto update can be used but you need the AUS (Auto Update Server) server. I RARELY use PDM so I am not certain if it can be done but you can upgrade from the CLI. The upgrade process if fairly simple and pretty straight forward, the link below is an excellent guideline:

 
If you're still having problems, you may want to look at known issues with the PIX on Cisco's website. We had one of the PIXs with a bad power connection that would randomly kill the PIX and I'd have to cycle the power inorder to bring it back up. Since I have replaced the PIX, I haven't had any issues at all with it.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top