Hello, I have users on an internal non routable 10.x.x.x network who are hiding behind a PAT legal IP address on the PIX. There is a cuious situation that is taking place where by URL's which pop open a new window via javascript or PHP are taking a rather lengthy amount of time, sometimes upward to 30 seconds. During this lenght wait the PIX log shows nothing however when the window finaly pop open I see the following being logged:
bouncer(config)# 302002: Teardown TCP connection 50668 faddr 62.251.0.15/80 gadd r 150.79.15.40/44407 laddr 10.0.0.2/4172 duration 0:00:22 bytes 798 (TCP Reset- I) 302002: Teardown TCP connection 50667 faddr 168.103.96.82/80 gaddr 150.79.15.40 /44406 laddr 10.0.0.2/4171 duration 0:00:23 bytes 7144 (TCP Reset-I) 302002: Teardown TCP connection 50665 faddr 168.103.96.82/80 gaddr 150.79.15.40 /44405 laddr 10.0.0.2/4169 duration 0:00:23 bytes 1824 (TCP Reset-I) 302002: Teardown TCP connection 50662 faddr 168.103.96.82/80 gaddr 150.79.15.40 /44403 laddr 10.0.0.2/4166 duration 0:00:25 bytes 32236 (TCP Reset-I) 302002: Teardown TCP connection 50658 faddr 64.30.32.62/80 gaddr 150.79.15.40/4 4400 laddr 10.0.0.2/4162 duration 0:00:27 bytes 5985 (TCP Reset-I) 302002: Teardown TCP connection 50661 faddr 64.30.32.62/80 gaddr 150.79.15.40/4 4402 laddr 10.0.0.2/4165 duration 0:00:26 bytes 685 (TCP Reset-I) 302006: Teardown UDP connection for faddr 160.79.128.16/3436 gaddr 150.79.15.40 /6089 laddr 10.0.0.2/4167 302006: Teardown UDP connection for faddr 160.79.128.16/3437 gaddr 150.79.15.40 /6090 laddr 10.0.0.2/4170 305004: Teardown portmap translation for global 150.79.15.40/6088 local 10.0.0. 2/4163 The number of resets is intruiging. Has anyone seeen this behavior before? does anyone have any insight into what might be causing this lag? I would appreciate any feedback. Thanks KK __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
