02-11-2005 05:57 AM - edited 02-20-2020 11:56 PM
With the service resetinbound command, all denied requests from DMZ to inside should be RESET, not DROPPED, but the IDENTs from the FTP server timed out.
Why doesn't it work? Some bug or misconfiguration?
02-14-2005 04:48 PM
The PIX docs say the "service resetinbound" command affects incoming TCP connections to "statics" that are denied by an ACL. This may mean that if your inside users are using dynamic NAT/PAT to get to the DMZ, the resetinbound doesn't apply, since the inside users don't have static NAT translations configured for them. You could try configuring a single static for an inside user and see if that fixes the problem. If so, then the PIX documentation is correct. If not, or if you already have static translations configured between the inside and DMZ interfaces, then I'd say this was a bug.
Good luck!
02-14-2005 06:47 PM
Hi There,
Thanks for the question. This discussion is about Configuring and Troubleshooting IPSec on PIX. I would love to answer the question, but due to time limitations and to be within the scope of the topic, and above all to be fair with others, I'd not be able to elaborate on this question.
We have seen this issue in the past, and turning off Stateful Firewall on the VPN Client has resolved the problem.
Hope that helps!
Thanks,
Srinivas.