Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
i lose all my perfectly working vpns all of a sudden during the day.vpns stop working and this corresponds to the peak times when our links are utilized like 100%.i begin to receive errors on pix logs, and all is well again when traffic drops.does an...
did you check your routing on Pix?all client range should be routed outside, and one other point is,traffic going out of your firewall to vpn client range should not be natted.i am sure you know these,it is worth to check again.
also check sh logging, these debugging level logs can have severe impact on the processor, depending on the volume of traffic trepassing pix.packet debugs are also lethal in a production network, make sure you do u all, on pix to disable any debugs r...
John, instead of seeing the accounting output, you want to see the sources of big sized packets in your syslog messages.so here comes the second method to achieve that.forget about the PBR and the loopback for a while...in order to generate syslog me...
Here is one solution....match big packets and forward them to a loopback interface on your router with PBR.use ip accounting output, on that new loopback interface.what will happen is that , packets matched with PBR will be forwarded to that loopba...
you can block big packets by matching the packet size in a route-map. route-map x match lenth [min packet length] [max packet length]set interface null 0 HTH
