Firewall Wizards mailing list archives

PIX 6.1 xlate issues

From: "B Shivanthan" <shivi () batelco com bh>
Date: Wed, 20 Aug 2008 09:02:25 +0300

Hello there,
I am using a PIX 6.1 (I know its quite old and replacement procedures already in place) and facing problems with xlates 
getting
overwhelmed. I have this firewall serving our corporate network, where I have a proxy server, SMTP server, DNS server 
and about 1500 users
browsing the web through the proxy, along with other servers which I do static NAT on.

Overtime, my SMTP server loses connectivity with the DNS server (residing outside the firewall) for name resolution and 
the only
remedy to this is to clear the xlate. I've set the xlate timeout to as low as 30 mins, but the problem still persist.

Does anyone know of any resolution to this problem ?

Many thanks

Regards
Shiv

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

PIX 6.1 xlate issues B Shivanthan (Sep 03)
- Re: PIX 6.1 xlate issues kevin horvath (Sep 04)
- Re: PIX 6.1 xlate issues Christopher J. Wargaski (Sep 04)