Can anybody tell me why a PIX is not clashing the source ports of TCP connections initiated from inside hosts being hide-NATed to the external IP for browsing? Can anyone tell me for sure the PIX is randomizing the source ports to make sure no clashes could happen?
Typically, Windows XP machines use 1024/tcp for high-port. The issue is that, if you've got 20 machines inside going to how does the PIX manage the fact that most likely more than 2 machines inside will come to the PIX with a source port of 1024/tcp?
Please, let me know how I can retrieve logs from the PIX to see it works ok.
Now, talking about another scenario.
Regardless of what the inside network IP addressing is, which can be really funky, anyone from this funky network going to a remote private IP through a VPN is getting hide-NATed to a "virtual" private IP not leading to any networks attached to the PIX. Once hide-NATed, this "virtual IP" is the source for the TCP connection to the DB server at the other side of the VPN. It looks like, if we've got for example 3 Windows XP machines talking to this "special hide-nat", sometimes the last machine clashes with the other machines already connected... Like, I believe there is like a fight! PIX wondering who the hell is coming from the 1024/tcp high port again...
Please, let me know how I can get logs to make sure this source port "game" is ok in this scenario...
Thank you very much,