PIX 515E resetting connections

adm
Level 1

I'm a newbie dealing with PIX. I've just configured basic access-lists to let outside interfaces access inside networks. The problem is, my connections are being reset after a short time, and PIX shows me messages like:

TCP Reset-O

TCP Reset-I

(no connection) RST ACK

Looks like the TCP handshake is scrambled minutes after the connection is established. How do you solve this? I saw lots of posts with similar problems but no solution.

PIX: 515E v6.3


rsmith
Level 3

There appear to be a few problems:

1: The outside interface is on the Public Internet? If so, your static commands won't work (private IP addresses). Should be changed to:

static (inside,outside) "publicIP1" ADU-EBT netmask 255.255.255.255 0 0

static (TELEMAR,outside) "publicIP2" ADU-TEL netmask 255.255.255.255 0 0

Where the publicIP are from your pool, 200.241.127.79 255.255.255.224

2: If you change your static commands, all your access-lists for the outside need to change to point to the publicIP, vs. ADU-TEL and ADU-EBT.

3: Your access-list inside_access_in only allows a single device out (ADU-EBT) and denies all other outbound traffic. (May be correct for your setup.)

4: You have a name for "stacao" as 192.168.1.2, which is also the start of your DHCP pool. If you are using this for a server/PC, you may end up with an IP address conflict. (Or maybe you just wanted to name your DHCP pool, in which case this is OK.)

I did not go through your access-list in-depth, but it appears to be good except as noted above.

Hope this gets you running.
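Points 1 and 2 of the reply above can be checked mechanically before a config is loaded. The following is an added example, not code from the thread or from Cisco: `audit` and `is_rfc1918` are hypothetical helper names, and the sample config is constructed with placeholder addresses (only the interface and host names come from the thread).

```python
import ipaddress
import re

# Constructed sample in PIX 6.3 syntax. Interface and host names are from the
# thread; every IP address is a placeholder, not the poster's configuration.
SAMPLE_CONFIG = """\
name 192.168.1.10 ADU-EBT
name 192.168.2.10 ADU-TEL
static (inside,outside) 192.168.1.10 ADU-EBT netmask 255.255.255.255 0 0
static (TELEMAR,outside) 203.0.113.12 ADU-TEL netmask 255.255.255.255 0 0
access-list outside_access_in permit tcp any host ADU-EBT eq www
access-list outside_access_in permit tcp any host ADU-TEL eq www
access-list outside_access_in permit tcp any host 203.0.113.12 eq 443
access-group outside_access_in in interface outside
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Host statics only: port-redirection statics (tcp/udp) are skipped.
STATIC_RE = re.compile(r"^static \((\S+),(\S+)\) (?!tcp |udp )(\S+) (\S+) netmask \S+")
GROUP_RE = re.compile(r"^access-group (\S+) in interface (\S+)")

def is_rfc1918(addr):
    try:
        return any(ipaddress.ip_address(addr) in net for net in RFC1918)
    except ValueError:  # unresolved alias or the 'interface' keyword
        return False

def audit(config, public_if="outside"):
    """Return (line_no, message) findings for points 1 and 2 of the reply."""
    lines = [l.strip() for l in config.splitlines()]
    # 'name <ip> <alias>' lines let statics and ACLs use aliases instead of IPs.
    names = {p[2]: p[1] for p in map(str.split, lines) if len(p) == 3 and p[0] == "name"}
    findings, real_to_mapped = [], {}
    for no, line in enumerate(lines, 1):
        m = STATIC_RE.match(line)
        if m and m.group(2) == public_if:
            mapped, real = (names.get(g, g) for g in m.group(3, 4))
            real_to_mapped[real] = mapped
            if is_rfc1918(mapped):
                findings.append((no, f"static exposes {m.group(4)} as private address {mapped}"))
    # ACLs applied inbound on the public interface must name the mapped address.
    bound = {m.group(1) for m in map(GROUP_RE.match, lines) if m and m.group(2) == public_if}
    for no, line in enumerate(lines, 1):
        tok = line.split()
        if len(tok) > 1 and tok[0] == "access-list" and tok[1] in bound:
            for kw, target in zip(tok, tok[1:]):
                real = names.get(target, target)
                if kw == "host" and real_to_mapped.get(real, real) != real:
                    findings.append((no, f"ACL uses real address {target}; use {real_to_mapped[real]}"))
    return findings
```

Calling `audit(SAMPLE_CONFIG)` flags the first `static` line and the ACL entry for ADU-TEL; the ADU-EBT entry is not reported separately because its static still maps the host to itself.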
