Hi Chris,

Thanks for the input.

There are no dropped packets from what I can see, but the logging is substandard without setting up a syslog server.

We are running 3MB connection for our internet and only one 100 MB port for out internal connection.

I'm fairly convinced that the firewall is a problem, though cisco claims I'm well under utilization for the pix 501. I just bought a 5505 ASA to replace it. I should know by Monday if that solves my problem.

Bill

-----Original Message-----
From: firewall-wizards-bounces@listserv.cybertrust.com [mailto:firewall-wizards-bounces@listserv.cybertrust.com] On Behalf Of Chris Myers
Sent: Tuesday, April 22, 2008 5:58 PM
To: Firewall Wizards Security Mailing List
Subject: Re: [fw-wiz] Pix 501 and server time-outs

Check the interfaces for dropped packets. All of your connections are
probably legitimate. Sounds like you have too much for the Memory if
you have only 1MB left. The LED's are screaming HEEELLP! The firewall
is getting lit up with so much traffic. I would not be surprised if
the CPU is not pegged as well. a 501 is a branch office firewall. Add
all the traffic going out the interface (i.e. how many 10MB/100MB
connections you have) and measure the bandwidth you have available
(i.e 1.544 T1). Try to measure your traffic before and after your
email went in house. It may not be a question of hardware failure,
just over use of the one you have.

Thank You,

Chris Myers
clmmacunix@charter.net

John 1:17
For the Law was given through Moses; grace and truth were realized
through Jesus Christ.



--
This message has been scanned for viruses and
dangerous content by OpenProtect(http://www.openprotect.com), and is
believed to be clean.


--
This message has been scanned for viruses and
dangerous content by OpenProtect(http://www.openprotect.com), and is
believed to be clean.

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards