PIX Firewall / Network Address Translation
Posted on 2004-04-01
Got a problem, and I've no clue where to start. (Unfortunately, I'm not the one who gets to make decisions here; they just want me to fix what they break.)
We've got a new Cisco PIX Firewall installed, and it's supposed to be handling our Network Address Translation (NAT). However, it was configured to do Port Address Translation (PAT) on the IP of the PIX's interface. After a while, my users would complain to me that they would often try to go to a website and have to hit "refresh" a number of times before their sites would come up. I was under the ASSUMPTION that this was because the PAT was running out of ports for all of the users. We have an address pool ranging from x.x.x.146 (the PIX) to x.x.x.155, with .147 being our mail server. So I switched the settings on the PIX to do a "Range" from .148 to .155. This seems to have only caused MORE trouble.
Anyone have any suggestions?