|Subject:||pix 515E cannot access www or telnet|
|Posted by:||Jonathan (jonathan_smit…@hotmail.com)|
|Date:||Fri, 16 Apr 2004|
I've been battling along for the last 2 days with my config and the end result is that I
can only ping / tracert to machines on the internet.
All hosts on the network run on public IP addresses, therefore no NATting.
I allow telnet but cannot telnet - or it seems somewhere data is getting
lost and the telnet session never establishes. This is what the log shows:
Built outbound TCP connection 17 for faddr 126.96.36.199/23 gaddr
66.8.177.x/3901 laddr 66.8.177.x/3901
After a while it shows:
Teardown TCP connection 17 faddr 188.8.131.52/23 gaddr 66.8.177.x/3901
laddr 66.8.177.x/3901 duration 02:11 bytes 0 (SYN Timeout)
I have tried adding a route statement on the router for 66.8.177.x to the
internal interface of the PIX and it made no difference. I do know the access list
is working because when I remove telnet access for the host 66.8.177.x then
the log shows a dropped connection due to the access list.
Where can I start looking to debug this, any ideas / recommendations?
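
Added example, not part of the original post: a small Python parser for the two PIX message shapes quoted above. It pairs each Built line with its Teardown and lists the connections that ended in SYN Timeout with 0 bytes, meaning the three-way handshake never completed. The sample log lines, the 192.0.2.x / 198.51.100.x addresses and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Message shapes follow the two log lines quoted in the post.
BUILT = re.compile(
    r"Built (?P<dir>inbound|outbound) TCP connection (?P<id>\d+) for "
    r"faddr (?P<faddr>\S+)/(?P<fport>\d+) gaddr \S+/\d+ laddr (?P<laddr>\S+)/(?P<lport>\d+)")
TEARDOWN = re.compile(
    r"Teardown TCP connection (?P<id>\d+) faddr (?P<faddr>\S+)/(?P<fport>\d+) "
    r".*?duration (?P<duration>[\d:]+) bytes (?P<bytes>\d+)(?: \((?P<reason>[^)]*)\))?")

def failed_handshakes(lines):
    """Return one record per connection torn down as SYN Timeout with 0 bytes."""
    built, failed = {}, []
    for line in lines:
        m = BUILT.search(line)
        if m:
            built[m["id"]] = m.groupdict()   # remember who opened the connection
            continue
        m = TEARDOWN.search(line)
        if not m:
            continue
        start = built.pop(m["id"], {})       # Built line may be missing from the capture
        if m["reason"] == "SYN Timeout" and int(m["bytes"]) == 0:
            failed.append({
                "id": int(m["id"]),
                "dest": f'{m["faddr"]}:{m["fport"]}',
                "source": start.get("laddr", "unknown"),
                "direction": start.get("dir", "unknown"),
                "duration": m["duration"],
            })
    return failed

def ports_affected(failed):
    """Count failed handshakes per destination port."""
    return Counter(f["dest"].rsplit(":", 1)[1] for f in failed)

# Constructed sample log (documentation address ranges, not real hosts).
SAMPLE = """\
Built outbound TCP connection 17 for faddr 198.51.100.7/23 gaddr 192.0.2.10/3901 laddr 192.0.2.10/3901
Built outbound TCP connection 18 for faddr 198.51.100.9/80 gaddr 192.0.2.11/3902 laddr 192.0.2.11/3902
Teardown TCP connection 18 faddr 198.51.100.9/80 gaddr 192.0.2.11/3902 laddr 192.0.2.11/3902 duration 0:00:04 bytes 5120 (TCP FINs)
Teardown TCP connection 17 faddr 198.51.100.7/23 gaddr 192.0.2.10/3901 laddr 192.0.2.10/3901 duration 02:11 bytes 0 (SYN Timeout)
Teardown TCP connection 19 faddr 198.51.100.7/80 gaddr 192.0.2.10/3903 laddr 192.0.2.10/3903 duration 02:01 bytes 0 (SYN Timeout)
""".splitlines()

if __name__ == "__main__":
    for rec in failed_handshakes(SAMPLE):
        print(rec)
    print(dict(ports_affected(failed_handshakes(SAMPLE))))
```

If every outbound TCP port shows up in the per-port count while ICMP still works, the failure is not specific to telnet.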