I have a problem I am configuring a Cisco pix 515e, I have two VPN tunnel site to site Working and the firewall up and running, but I have a problem with the firewall when I tried to download files from certain sites I can't, for example I can't download files from Mozilla http://www.mozilla.org/download.htm or www.microsoft.com among many others.
I can download files from torrents, and most ftp servers, as well update my computers from Microsoft widows update.
For example if I download internet explorer 8 from Microsoft site, the download starts but only download a few Kb, other times the download doesn't start.
I also have problems with you tube, the problem is the following, if I tried to see any video the clip is very slow to start, and in some cases I can't see the clips.
I attach the log file from Cisco pix to help troubleshoot the problem, as well a configuration file.
Solved! Go to Solution.
I can't answer your question specifically, but if you look at your configuration you have internal network routes to 184.108.40.206/8, 220.127.116.11/8, and 18.104.22.168/8 which are public sector IP address ranges. If any outbound traffic is destined to a website that falls within that range, you will get weird results possibly like these.
route inside 22.214.171.124 255.0.0.0 10.0.0.54 1
route inside 126.96.36.199 255.0.0.0 10.0.0.54 1
route inside 188.8.131.52 255.0.0.0 10.0.0.54 1
This could be a fragmentation issue.Try to adjust TCP MSS value on PIX.
sysopt connection tcp-mss MSS_size_in_bytes
example : sysopt connection tcp-mss 1360
I use the following article to solve the problem
It was the TCP MSS.
Thank you for the help