GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
PIX 520 Xlate Problem [7:63087] posted 02/15/2003
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Hi group ,

Any idea where the problem is..thanks..


   We have implemented PIX with the following configuration.We have a 3 
inside networks mapped with 2 different public IP pools 203.125.152.0/26 and 
203.125.150.0/24.Problem is the inside network 10.0.0.0/17(10.0.0.0 subnet 
mask 255.255.128.0) is not able to go to internet after a certain period of 
time ( 2 or 3 days).

Any idea where the problem is..thanks..

172.0.0.0/8

10.0.0.0/8

10.0.0.0/17

Here are the details.

pixfirewall# sh global

global (outside) 1 203.125.152.194-203.125.152.236 netmask 255.255.255.192

global (outside) 4 203.125.150.1-203.125.150.126 netmask 255.255.255.128

global (outside) 2 203.125.152.244 netmask 255.255.255.192

global (outside) 3 203.125.152.248 netmask 255.255.255.192

global (outside) 1 203.125.152.193 netmask 255.255.255.192

global (outside) 4 203.125.150.249 netmask 255.255.255.128

global (dmz) 1 172.16.13.11-172.16.13.20 netmask 255.255.255.0

global (dmz) 2 172.16.13.51-172.16.13.60 netmask 255.255.255.0

global (dmz) 3 172.16.13.61-172.16.13.70 netmask 255.255.255.0

global (dmz) 4 172.16.13.71-172.16.13.80 netmask 255.255.255.0

global (dmz) 1 172.16.13.10 netmask 255.255.255.0

global (dmz) 2 172.16.13.9 netmask 255.255.255.0

global (dmz) 3 172.16.13.8 netmask 255.255.255.0

global (dmz) 4 172.16.13.6 netmask 255.255.255.0

pixfirewall# sh nat

nat (inside) 2 172.16.1.115 255.255.255.255 0 0

nat (inside) 3 172.16.11.76 255.255.255.255 0 0

nat (inside) 3 172.16.11.80 255.255.255.255 0 0

nat (inside) 3 172.16.11.84 255.255.255.255 0 0

nat (inside) 2 172.16.11.224 255.255.255.240 0 0

nat (inside) 4 10.0.0.0 255.255.128.0 0 0

nat (inside) 1 10.0.0.0 255.0.0.0 0 0

nat (inside) 1 172.0.0.0 255.0.0.0 0 0

nat (dmz) 1 172.16.13.0 255.255.255.0 0 0

pixfirewall# sh xlate

Global 203.125.152.220 Local 172.16.11.71

Global 203.125.152.221 Local 172.16.11.149

Global 172.16.13.11 Local 172.16.11.139

PAT Global 203.125.152.193(52641) Local 172.16.11.57(1155)

Global 203.125.152.222 Local 172.16.11.120

Global 203.125.152.223 Local 172.16.152.37

Global 203.125.152.216 Local 172.17.1.94

Global 203.125.152.217 Local 172.16.1.20

Global 203.125.152.218 Local 172.16.5.20

Global 172.16.13.12 Local 172.16.1.205

Global 203.125.152.219 Local 172.16.11.139

Global 172.16.13.13 Local 172.16.154.75

Global 203.125.152.212 Local 172.16.11.194

Global 203.125.152.213 Local 172.17.11.91

Global 203.125.152.214 Local 172.17.1.91

Global 203.125.152.215 Local 172.16.5.78

Global 203.125.152.208 Local 172.16.1.22

Global 203.125.152.209 Local 172.16.5.15

Global 203.125.152.210 Local 172.16.151.75

Global 203.125.152.211 Local 172.17.1.23

Global 203.125.152.204 Local 172.16.5.79

Global 203.125.152.205 Local 172.16.5.13

PAT Global 203.125.152.193(52640) Local 172.16.11.57(1154)

Global 203.125.152.206 Local 172.18.1.22

Global 203.125.152.207 Local 172.18.1.104

Global 203.125.152.200 Local 172.16.11.192

Global 203.125.152.201 Local 172.18.1.24

Global 203.125.152.203 Local 172.16.5.17

PAT Global 172.16.13.6(43713) Local 10.0.12.137(12875)

Global 203.125.152.203 Local 172.16.151.72

Global 203.125.152.196 Local 172.16.5.21

Global 203.125.152.197 Local 10.120.10.51

Global 172.16.13.19 Local 172.18.1.254

Global 203.125.152.198 Local 172.17.1.93

Global 203.125.152.199 Local 172.16.11.186

Global 203.125.150.193 Local 172.16.206.30 static

PAT Global 203.125.152.244(21827) Local 172.16.11.233(4493)

PAT Global 203.125.152.244(21811) Local 172.16.11.233(4480)

Global 203.125.152.194 Local 172.16.5.18

Global 172.16.13.20 Local 172.17.1.110

Global 203.125.152.195 Local 172.16.5.14

Global 203.125.150.252 Local 172.16.1.40 static

Global 203.125.152.252 Local 172.16.13.21 static

Global 172.16.13.42 Local 172.18.1.22 static

Global 172.16.13.43 Local 172.17.1.21 static

PAT Global 203.125.152.193(52643) Local 172.16.11.57(1158)

Global 172.16.13.40 Local 172.16.11.21 static

Global 172.16.13.41 Local 172.16.206.21 static

Global 203.125.150.249 Local 172.16.13.27 static

Global 203.125.152.249 Local 172.16.13.23 static

Global 172.16.13.47 Local 10.160.10.53 static

Global 203.125.152.250 Local 172.16.1.41 static

Global 203.125.150.250 Local 172.16.1.24 static

PAT Global 172.16.13.6(43714) Local 10.0.12.140(14384)

Global 172.16.13.44 Local 172.16.152.21 static

Global 203.125.152.251 Local 172.16.13.22 static

Global 172.16.13.45 Local 10.160.10.51 static

Global 203.125.152.245 Local 10.160.10.51 static

Global 203.125.152.246 Local 172.16.13.26 static

Global 203.125.152.247 Local 172.16.13.25 static

Global 203.125.152.240 Local 10.160.10.52 static

Global 203.125.152.241 Local 172.16.18.51 static

PAT Global 203.125.152.244(22080) Local 172.16.11.229(1026)

PAT Global 203.125.152.244(21856) Local 172.16.11.224(1473)

Global 203.125.152.242 Local 172.16.206.31 static

Global 203.125.152.243 Local 172.16.206.21 static

Global 203.125.152.236 Local 172.16.1.25

PAT Global 203.125.152.193(52642) Local 172.16.11.57(1157)

PAT Global 203.125.152.193(52626) Local 172.16.11.57(1135)

Global 203.125.152.232 Local 172.16.155.85

Global 203.125.152.233 Local 172.17.1.21

Global 203.125.152.234 Local 172.16.5.75

PAT Global 172.16.13.6(43715) Local 10.0.12.142(14931)

Global 203.125.152.235 Local 172.17.1.92

Global 203.125.152.228 Local 172.16.11.124

Global 203.125.152.229 Local 172.16.1.26

Global 203.125.152.230 Local 172.16.5.80

Global 203.125.152.231 Local 172.16.11.21

Global 203.125.152.224 Local 172.16.5.16

Global 203.125.152.225 Local 172.16.11.196

PAT Global 203.125.152.244(22081) Local 172.16.11.233(4546)

Global 203.125.152.226 Local 172.16.1.102

Global 203.125.152.227 Local 172.16.152.32

Global 172.16.13.74 Local 10.0.12.76

Global 172.16.13.75 Local 10.0.12.80

PAT Global 203.125.152.193(52645) Local 172.16.11.57(1160)

PAT Global 203.125.152.193(52629) Local 172.16.11.57(1138)

Global 172.16.13.72 Local 10.0.12.71

Global 172.16.13.73 Local 10.0.12.73

Global 172.16.13.78 Local 10.0.12.83

Global 172.16.13.79 Local 10.0.12.67

PAT Global 172.16.13.6(43716) Local 10.0.12.143(3744)

Global 172.16.13.76 Local 10.0.11.242

Global 172.16.13.77 Local 10.0.12.82

PAT Global 203.125.152.244(22054) Local 172.16.11.224(1675)

Global 172.16.13.71 Local 10.0.12.70

PAT Global 203.125.152.193(52644) Local 172.16.11.57(1159)

PAT Global 172.16.13.6(43717) Local 10.0.12.144(50265)

Global 203.135.39.36 Local 172.16.1.34 static

Global 203.135.39.37 Local 172.16.1.32 static

Global 172.16.13.80 Local 10.0.12.69

PAT Global 203.125.152.193(52647) Local 172.16.11.57(1162)

PAT Global 203.125.152.193(52631) Local 172.16.11.57(1140)

PAT Global 203.125.152.193(52646) Local 172.16.11.57(1161)

PAT Global 203.125.152.193(52630) Local 172.16.11.57(1139)

PAT Global 203.125.152.248(50501) Local 172.16.11.76(1030)

PAT Global 203.125.152.193(52649) Local 172.16.11.57(1164)

PAT Global 203.125.152.193(52633) Local 172.16.11.57(1143)

PAT Global 203.125.152.193(52648) Local 172.16.11.57(1163)

PAT Global 203.125.152.193(52632) Local 172.16.11.57(1141)

PAT Global 203.125.152.193(52651) Local 172.16.11.57(1167)

PAT Global 203.125.152.193(52635) Local 172.16.11.57(1148)

PAT Global 203.125.152.193(52603) Local 172.18.1.100(1912)

PAT Global 203.125.152.193(52491) Local 172.16.11.206(1047)

Global 203.135.6.212 Local 172.16.1.31 static

Global 203.135.6.214 Local 172.16.1.205 static

Global 203.135.6.215 Local 172.16.1.50 static

Global 203.135.6.211 Local 172.16.1.64 static

PAT Global 203.125.152.193(52650) Local 172.16.11.57(1165)

PAT Global 203.125.152.193(52634) Local 172.16.11.57(1145)

PAT Global 203.125.152.193(52618) Local 172.16.11.57(1126)

PAT Global 203.125.152.193(52653) Local 172.16.11.57(1170)

PAT Global 203.125.152.193(52637) Local 172.16.11.57(1150)

Global 203.125.150.31 Local 10.0.12.139

PAT Global 203.125.152.193(52652) Local 172.16.11.57(1168)

PAT Global 203.125.152.193(52636) Local 172.16.11.57(1149)

PAT Global 203.125.152.244(22079) Local 172.16.11.233(4544)

PAT Global 203.125.152.193(52655) Local 172.16.11.57(1172)

PAT Global 203.125.152.193(52639) Local 172.16.11.57(1152)

PAT Global 203.125.152.193(52654) Local 172.16.11.57(1171)

PAT Global 203.125.152.193(52638) Local 172.16.11.57(1151)

pixfirewall#





_________________________________________________________________
Fe Hotmail pe mobilen http://www.msn.dk/mobile




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63087&t=63087
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to abuse@xxxxxxxxxxxxxx