Internet connectivity drops for a couple of users 1

[pollardw]

I have a PIX 525 and every day I have 3-5 users that can not access the internet. They can access internal resources just not the internet. Rebooting the PIX will allow them to connect to the internet for the day. When they return to work the next day the same 3-5 users are affected. It does not happen everday and when it happens it may happen to all of them or just a couple of them that day. Any thoughts or ideas would be greatly appreciated.

Robby

 

[dopehead]

Might be a NAT problem, do u use PAT or a pool of addresses in your global statement ? it may be a bug. what sw you running ?


Jan

 

[pollardw]

Yes, I use a pool in a global statement my pool is xxx.xxx.xxx.100 - xxx.xxx.xxx.230. If I do a sho xlate count it shows 106 in use, 106 most used. I could be wrong but shouldn't I have about 24 more available?

6.2(2)

Thanks,

Robby

 

[dx1]

I seem to recall that when you use IE to browse the web, it also opens up multiple connections. So one user could have multiple connections in the xlate table. If that is the case, you can use a PAT address:
global (outside) 1 xxx.xxx.xxx.231

 

[pollardw]

I will expand the pool to .254 and see what happens.

Thanks for everybodies help,

Robby

 

[dx1]

You don't have to expand the pool. If you wanted to save those addresses for servers or other statics, you can use a PAT address. A PAT address can support up 65,535 active xlate objects.

 

[pollardw]

How would I do that? Would it just basically be another statement of global (outside) 1 xxx.xxx.xxx.231?

Thanks,

Robby

 

[dx1]

Correct, just make sure that IP is not being use. The PIX will use all the address from you global pool first. Once they are all used, then it will use the PAT address.

 

[pollardw]

Great thanks again.

Robby