Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
361
Views
0
Helpful
4
Replies

urgent issue ping drop

iqbalkhan
Level 1
Level 1

‎07-04-2006 09:12 PM - edited ‎03-09-2019 03:29 PM

Hi

i facing serious problem . pls help with advice.

I have 515 pix firewall version 6.3.

I have many users .users gateway router and router is connected to pix firewall and pix firewall is connected to outside router. after install 515 firewall no problem but suddenly some of days in peak time when user go want outside then connection is slow. for test purpose i ping pix inside i found packet drop but when i ping inside router interface then no ping drop. and agin offpick hour no ping drop . so it is the problem of pix firewall or a lot of packet generated in LAN ??

pls let me know someone whats the reason or what can i do .

Thanks

Biplob

Labels:
0 Helpful
4 Replies 4

a.kiprawih
Level 7
Level 7

‎07-05-2006 04:36 AM

Hi,

Without visibility to your pix and router config, it's hard to tell. It could be due many reasons. Anyway, how's the connection between PIX inside interface and inside router - direct via cross-over cable or through switch/hub? What's the speed/duplex set on your PIX inside and inside router interface? Have you try to change the network cable?

Can you issue "show interfaces" on your PIX, and check the counter for errors and so on?

Rgds,

AK

0 Helpful

rob_lay
Level 1
Level 1

‎07-05-2006 04:46 AM

Hi,

Cisco pix firewalls do not respond to ping attempts directly to their interfaces by default, this is to ensure the firewall itself does not get hit by a denial of service attack. Dependant on your rule base you may or may not be able to ping through the pix. If you have permitted ICMP then you will be able to ping through the pix. To determine if this is a problem or a network utilisation issue then I would recommend during a slow period pinging the outside router from the inside, this will provide you with a baseline for performance. When the slowness occurs again run the same test. If you notice the response is a lot slower then you will be able to localise the issue, otherwise you need to look elsewhere in your network. How big is you outside link, is it possible that this is simply being overloaded by the amount of traffic at peak times??

Cheers

Rob

0 Helpful

iqbalkhan
Level 1
Level 1
In response to rob_lay

‎07-06-2006 12:07 AM

hi

slow period pinging the outside router from the inside ???.

thanks for your sugation.

Thanks

Biplob

0 Helpful

cpembleton
Level 4
Level 4
In response to iqbalkhan

‎07-06-2006 04:26 AM

Check and make sure your interfaces did not auto negotiate at half duplex. If it does this can cause very slow preformance. It is best to hardcode the interface speed and duplex.

Thanks,

Chad

0 Helpful
Customers Also Viewed These Support Documents