11-15-2001 02:25 AM - edited 03-08-2019 09:10 PM
Hi all,
I have PIX506 and I configured it to protect me internal LAN, but this PIX acts in strange way.
I gave it internal IP address: 192.168.111.1 with subnetmask 255.255.255.128. in sometimes some PCs could not work through the PIX till I changed it's IP address to an other one in the same range.
example: today one of our internal PCs has this IP address: 192.168.111.5, and it works fine till yesterday. Today the user told me that this machine can ping the internal interface of PIX and could not ping my gateway "router" and it cannot access the internet. As usually I changed it's IP address to 192.168.111.100 and it works fine....
sometimes, clear arp "on PIX and router" and clear xlate made it works but as I said sometimes
Can any one help me to resolve this problem...
thanx in advance...
Magdy
11-15-2001 10:20 AM
Weird. You possibly have a duplicate IP address 192.168.111.1 configured on another box.
Unplug the PIX internet interface and ping 192.168.111.1. if you get a reply then you know there's a dup IP. There may also be clients with dup IP addresses... just a thought. Don't forget about switches being the possible source of the dup IP. I'm sure there are other possibilities for this behavior, but this seems fairly likely... good luck!
mike kantowski
ccnp
11-18-2001 03:42 AM
Once I had a strange problem with my PIX 506 too.
In the end I found out that I ran out of IP addresses for translation.
Make sure you xlate timeout is not the default of 3:00:00. Change that to something in minutes instead.
I hope this helps.
Ron
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide