PIX 501 Version 6.2(2) not clearing local-host table automatically

Discussion in 'Cisco' started by christian maier, Dec 9, 2007.

  1. Hi!

    Is there a known bug with Cisco PIX 501 6.2(2) with the connection
    timeout? It seems, that my PIX keeps the connections in the local-host
    table, even when the connection does not exist any longer.
    I know, this PIX reaches license limit, but this should not prevent the
    local-host table from being cleared automatically?
    Yesterday I did show local-host, today (24 hour later) again, and show
    local-host still looks the same. No one is working there at the moment
    (weekend).
    I can do clear local-host manually, after a few seconds I see only one
    device with active connection. This is ok, this is the server which also
    works on weekend ;-)

    This is the config for the timeouts:
    timeout xlate 0:05:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323
    0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout uauth 0:05:00 absolute

    Thanks.
    Christian
     
    christian maier, Dec 9, 2007
    #1
    1. Advertisements

  2. It's been several years, but if I recall correctly, Yes, that
    is a known bug.

    If you are the registered owner of the PIX, you are entitled to
    a free security update to somewhere around PIX 6.2(4) [I stopped
    paying attention to the 6.2 stream so I don't know exactly how
    far it got.]

    If you are not the registered owner of the PIX (e.g., you bought it
    from eBay), then in most countries you would not be legally entitled
    to run the PIX software at all; however if you are in Germany
    as suggested by your email address (but your message ID suggests
    Austria instead, which I believe has different laws) then my understanding
    is that you would be entitled to run the software even if the equipment
    is used (only applies in a few countries!); I am not sure of the
    legal situation for the security updates in that situation; possibly
    you would [in those few countries] be entitled to run the security update
    if you could manage to get a copy of it, but I do not know if Cisco would
    be required to supply the copy as would be the case for registered owners.
     
    Walter Roberson, Dec 16, 2007
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.