From: Marvin Greenlee (marvingreenlee@yahoo.com)
Date: Fri Dec 01 2006 - 13:14:17 ART
Sounds like a stuck TCP session.
Clearing XLATE drops the connection, but does not
reset the TCP connection on the endpoints.
Check for a stuck session. Start with show tcp brief,
and clear the one that says FINWAIT.
R5#show tcp brief
TCB Local Address Foreign Address
(state)
463148CC 200.0.0.5.179 200.0.0.2.45257
ESTAB
4606B018 200.0.0.5.179 200.0.0.2.51313
FINWAIT2
R5#
R5#clear tcp tcb 4606B018
[confirm]
[OK]
R5#
Thanks,
Marvin Greenlee
--- Lab Rat #109385382 <techlist01@gmail.com> wrote:
> Have you guys ever ran in the situation where, after
> clearing xlate on the
> PIX (or something along those lines), the BGP peer
> authentication starts
> going haywire on one of the end-points? It's the
> message "...Invalid MD5
> digest from x.x.x.x (179) to x.x.x.x (11000) (RST)"
>
>
> Well, I've now run into this more than once, and I
> can never get it to go
> away unless I reload the router or I wait for like
> 10 minutes.
>
> Is this normal? Has anyone else seen this?
>
> Thanks,
>
> Eddie
>
>
This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:36 ART