We care currently using an ASA5505 as our firewall and redirecting web traffic to a S160 Iron port. Recently the web filter stopped working and the only way to get filtering again is to reset the redirection.
1. Is there any available log information to find out about the WCCP process and maybe way it stops?
2. Are there keep alive packets or anything of that natural between the ASA and Ironport?
I have a problem with my ASA5505 after enabling botnet filter my ASA reboots.Also while booting it usualy takes around 30minutes of random cycles before loading the OS. It seems to be falling at the license check.To fix the boot I usualy unplug the ASA for about 15minutes and then it will boot up fine.
View 3 Replies View RelatedWe have 2 ASA's that connect to a 2811, but for some reason, the 2nd ASA wont connect anymore. Debuging ipsec or isakmp on the 2811 doesn't come up with any messages.
External IP's still correct, and the sites can ping each other.
Only debug on ASA for crypto isakmp comes up with messages (ipsec doesn't give any messages).
ASDM says:
Removing peer from peer table failed, no match!
Error: Unable to remove PeerTblEntry
I found some info on the above error messages, but those links didn't quite useful.
Below is fromt he debug on the ASA:
Sep 18 22:06:09 [IKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0Sep 18 22:06:09 [IKEv1]: IP = 64.X.X.X, Queuing KEY-ACQUIRE messages to be processed when P1 SA is complete.Sep 18 22:06:10 [IKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0Sep 18 22:06:10 [IKEv1]: IP = 64.X.X.X, Queuing KEY-ACQUIRE messages to be processed when P1 SA is complete.Sep 18 22:06:13 [IKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0Sep 18 22:06:13 [IKEv1]: IP = 64.X.X.X, Queuing KEY-ACQUIRE messages to be processed when P1 SA is complete.Sep 18 22:06:16 [IKEv1]: IP = 64.X.X.X, IKE_DECODE RESENDING Message [code]...
I can no longer SSH to a primary active firewall. It had all of a sudden stopped working. However I am able to SSH to the secondary standby firewall without any problems. I did try to regenerate the RSA key on the primary fw, but still unable to connect. The only way I can connect to it is by using telnet.
I ran the "show asp table socket" command and I'm seeing port 22 listening on the primary IP address (not the standby), foreign address is 0.0.0.0:*. I did a packet capture on port 22 on the inside inside, seeing my request hit the fw and then right away a reset back from the fw.
version 8.2.(5)
model ASA5520
I'm hitting a bug in the software version I'm running? Or what else can I check before rebooting the primary fw?
After I have upgraded our ASA 5510 to 8.4.2 I have problem with the management interface.Our former firmware 8.2.3 had no problem using the management interface as a DMZ zone, but after we upgraded to 8.4.2 we can't make it work.The interface and the protocol is up, when I type: show interface.But when I ping the interface from a computer connectet to the interface, nothing happens.
Even the logging shows nothing.
When the front-panel WLAN LED light is solid, it indicates that the wireless segment is ready; it blinks during actual wireless data transmission. This is how it behaved for me until I added some MAC addresses to Advanced > Network Filter. Now it stays solid even during wireless data transmission. Even after a reboot. If not, how do I get the blinking back?
View 14 Replies View RelatedI am trying to get a Cisco ASA5505 to get onto the internet using PPPOE through a Netgear DG384 ADSL router. I have the Netgear in Modem only mode - if you put it in Router mode internet access works fine. When I change it to Modem mode, the error I get on the ASA is PADI timeout. Looking through the config I think I am missing a Global NAT??Also not 100% on the best way to set the IP - we have a static IP from the ISP. Do you set the interface to use DHCP and get this address or set it statically? Then do you put the setroute option or put in a static? [code]
View 5 Replies View RelatedI'm not able to access my Slingbox from the outside. I've set up port forwarding on port 5001 to allow outside connections in, but port forwarding isn't working. Am I missing something?
object network INSIDE-HOSTS
subnet 10.10.10.0 255.255.255.0
object network Slingbox
host 10.10.10.254
object-group protocol TCPUDP
[code].....
I have a cisco ASA5505 configured in transparent mode. This evening we attempted to plug a couple of new servers in but they simply didnt work, despite our test server working absolutely fine. The server IP's are all in a network object group (the same as the test server) and they're all using the same ACLs etc. I'm relatively new to configuring cisco equipment.
the only thing I can think of is a static route I had to add to get the managemet IP to work might be causing problems.route outside 0.0.0.0 0.0.0.0 XX.XXX.132.1 1(IP addresses obfuscated- servers are all in the same range so assume XX.XXX is the same across all IP's).
I am trying to block port scans originating in the Russian Federation, thousands per day. I entered 77.88.26.0 as the Remote IP Start and 77.88.26.255 as the Remote IP End, setting the action to Deny. It shows in the inbound filter rules list but my linux server still receives thousands of scans daily from an ip address in that IP netblock. My DIR-655 is running hardware version A3 and firmware 1.34NA.
View 8 Replies View Related VLAN MAC address filter does not seem to be working on my 4900 switch. However the same config works fine when tested on my 3750 & 3560 switches.
Since user from different VLANs requires to be blocked, Unicast MAC address filter will not be feasible solution. VACL did not work on my 4506 switch too. K
Below is the config done on 4900 switch
mac access-list extended ABCpermit host 0003.0de9.d5ea anyexit
!
vlan access-map drop-mac 10
[Code]......
Model : TD-W8960N
Hardware Version : V1
Firmware Version : 1.4.0 Build 111108 Rel.40398n
ISP : TPG
URL Filter not working
Region : Australia
Model : TD-W8960N
Hardware Version : V1
Firmware Version : 1.4.0 Build 111108 Rel.40398n
ISP : TPG
Cannot get the URL filter to work Just upgraded to latest Firmware but that didn't work?
URL List Type: Deny Allow Disable
Address Port Remove
[URL]
I have implemented a Guest WLAN solution as per the recommended design from Cisco. We have two internal WiSM2 controllers providing services for Internal secure SSIDs. Both these controllers are members of a Mobility and RF management group.
Two 5508 controllers have been installed in our DMZ for resilience and have been placed into a separate Mobility group. All controllers (internal and external) have been linked together as mobility neighbours in a full mesh and a new SSID for Web Guest traffic has been anchored to the controllers in the DMZ.
Web page authentication works perfectly fine, but I cannot for the life of me get the MAC filtering override to work, i.e. if a MAC address is present, do not redirect to the splash page for web auth. I know I can get around this by just creating two separate SSIDs. But the business is used to just having the one SSID for all guest traffic. Is this a known limitation when anchoring SSIDs to controllers in the DMZ ?
I have implemented a Guest WLAN solution as per the recommended design from Cisco. We have two internal WiSM2 controllers providing services for Internal secure SSIDs. Both these controllers are members of a Mobility and RF management group.
Two 5508 controllers have been installed in our DMZ for resilience and have been placed into a separate Mobility group. All controllers (internal and external) have been linked together as mobility neighbours in a full mesh and a new SSID for Web Guest traffic has been anchored to the controllers in the DMZ.
Web page authentication works perfectly fine, but I cannot for the life of me get the MAC filtering override to work, i.e. if a MAC address is present, do not redirect to the splash page for web auth.
I have a cisco asa 5505 firewall. Is it possible to block secure websites in it like [URL]? I have already tried regular expression filtering but it filters only http traffic.
View 4 Replies View RelatedMy internet stopped working all of the sudden on my 2nd computer my 1st computer works fine (using atm) my 2nd computer stopped working all of the sudden it worked fine for about 2 years but the internet just went off for some reason it shows a computer with a yellow triangle with a black exclamation point on the bottom right corner it says connected but with limited connectivity ive tryed everything i know it is a windows XP i even bought a new internet cable today and the computer still does not work im new to these forums.
View 1 Replies View RelatedI've had 1 to 1 NAT setup for years now with no issues and the other day it simply stopped working. Rebooted everything, had ISP clear arp on their cable modem yet nothing going. As soon as I remove the 1 to 1 NAT on the router the PC has internet access. Add the 1 to 1 back and no out going internet. The configuration is pretty basic and has not changed.Thinking it could be a hardware issue I swapped it out with another RV042 I have with the exact config, same thing 1 to 1 NATs have no internet access. Upgraded one of the RV042 firmware to Firmware Version: 1.3.13.02-tm, had cable modem replaced, spent numerous calls with ISP. nada
I have found one interesting thing however, any internal machine which is set to dhp works fine, and static ip that does not have a 1 to 1 nat works fine and the last ip in the 1 to 1 nat range works fine. If I extend the range it is always only the last ip that works. Even if I add 1 to 1 nats one line at a time, it is always the last entry that works..
I was installing a IIS server to our client and created access - rules for http server and port translations. After that i noticed i lost local lan access trough vpn. Anyconnect and ipsec vpn. No other changes made to asa than those access-rules and nat changes. I'm trying to find out what is wrong, vpn connects okay, i can ping ASA but nothing else on inside network (for example dns server). Dns is not either working. When i ping local server, i can see in log.
View 8 Replies View Relatedit stopped booting up and now i cant talk to it.
View 5 Replies View RelatedI have tried a lot of drivers and even tried installing Vista 64 bit drivers (something that worked for someone in some thread), but it won't work.The adapter is recognized by the computer, but the smart wizard won't launch.
[code]...
My router has been working for close to 4 years now with minor problems, just stopped yesterday, All my PCs lost wifi access and then when I looked at my Linksys WRT300N only the 4 Ethernet port lights were on. Unplugged plugged it again, I connected one of the PCs to the one of the Ethernet port, the PC is reporting that there is nothing connected to the other side. It's been 4 years already, I do have a Linksys wireless G router even older than this which is till working. I guess its spoiled, I don't mind replacing it
View 4 Replies View RelatedI have been using a d-link router for some time now and since yesterday it has stopped working ( I have an orange 'world' light on all the time) After looking around this site I have tried resetting etc and nothing works. If I plug the ethernet cable into the modem I can get on the internet if I plug the cable into the router then nothing. These are the details I got from the config all when I plugged the ethernet into the router.
View 3 Replies View RelatedRandomly my router stopped working in the middle of the night. I didn't think the issue was with the router so i called the Tech Support people from Brighthouse and they told me to connect directly to the modem so i did that and I had internet. But why would my router randomly stop working, I've had this Linksys Dual N bound router for a year and never had a problem with it. I want to think that its the internet providers fault but I guess I really don't know.
View 2 Replies View RelatedI have a toshiba satellite laptop (windows 7) with wireless on-board and an ethernet cable port. Up until last night, both worked flawlessly since I bought the computer a few years ago.
Now, the wireless still works in three different locations I have tried (i.e. three different networks), but the ethernet cable will not work. I thought it was the ethernet connection on the mobo at first, but then after acquiring a USB-NIC connection, I found I had the exact same problem... I can't connect to my router or even direct to the DSL modem using a ethernet cable. I know my system is good since all my other computers (7) work with wired connections, and my laptop doesn't work on other cables on which other computers do. Essentially, it appears that my computer has lost the ability to get an i.p. address using an ethernet cable of any kind. Both the onboard card and the usb-nic cable tell me they are 'working correctly' in the systems/devices/network adapters section. I have tried disabling one while trying the other. I have tried disabling the wireless while trying either, and still nothing.
I currently own a Sony Vaio Laptop that has been working fine for the last 2 years, I was happily on facebook when all of a sudden, my laptop started lagging massively and it disconnected me from wifi, I was shocked to find that when I tried reconnecting, the laptop decided to stop working for a second and my wifi stopped working completely, every time I disconnect the Ethernet cable from my laptop even though my wireless switch is on, it won't even pick up my Virgin Media superhub I have about 5 meters from my laptop, it indicates that there is NO wifi anywhere, just the ascending bars with a big red X on it
View 1 Replies View RelatedMy desktop was wirelessly connected to a router. It was working perfect, I did a wired connection from the modem to the desktop and when I tried to get the wireless connection again it has not been possible. When I try network trouble shooting I get DNS server might be unavailable. Been reading around and tried many of the things that I've read but none has worked so far.
View 4 Replies View RelatedI have been a loyal customer of a hosting company for over 10 years. The main reason I have a dedicated server is to eliminate those shared-hosting issues.For the past 4 years the service has been getting crappier. In fact; this week alone the ftp stopped working, mysql stopped working, and email.It is now to the point I have to move all my domains, mssql databases, mysql databases, email servers and countless files.I have been contemplating to set up my own dedicated server (Mac) and hook it up to my ISP. Most of the websites I host are local - only one or two are national/international.
View 5 Replies View RelatedI recently reinstalled Vista on my Dell laptop.Before that,I could view and open shared files on my XP desktop, although the PC couldn't see the laptop.Now, I can get online, but can't see the PC in Network places.I've ensured both have same workgroup name.I think it may be due to Norton Internet Security,which I've renewed and reinstalled from new disk.But the former one didn't prevent file-sharing, albeit one way,XP to Vista.Before I uninstall Norton again, is there anything else I should have done after Vista reinstall ?
View 1 Replies View RelatedMy Linksys router stopped working. Resetting it didn't restore it.I bought a new Linksys E4200 router and configured it to the same settings as my old router. However, now I can't access certain website like Hotmail, Facebook, a weather site and others.But I can connect to most other websites, stream video, etc. Any suggestions why I can't connect to Hotmail, Facebook, etc???? I have 4 computers (3 wired, 1 wireless) connected through the router and they all do the same thing.
View 5 Replies View RelatedMy router suddenly stopped working yesterday and I've tried everything I can think of to fix it. I have one computer wired directly in to it and a few laptops that use wireless connections.The power LED and the internet LED light up, but the status LED and the WLAN LED do nothing. Pushing the factory reset button on the back doesn't seem to do anything.Can't connect to the router site (192.168.0.1) The internet works fine when I plug in to it directly, so its definitely the router.
View 3 Replies View RelatedI used the wireless adapter (Netgear - WG111v3) on my computer for weeks without any trouble at all. (At the time i installed it, I remember I found out it didn't work/didn't work well on windows 7 so I downloaded some driver or something -- Don't really remember -- and it worked fine.) Suddenly, today, it stopped working. I have tried a lot of drivers and even tried installing Vista 64 bit drivers but it won't work. The adapter is recognized by the computer, but the smart wizard won't launch.
View 6 Replies View RelatedMy computer stopped being able to Remote Desktop to my server on my network. My backup software also doesn't recognize my server. But, I can access its folders using Windows Explorer. Any other PC on the network can remote desktop to the server and connect. What happened to my machine? This message appears when i try to connect: "Remote Desktop can't connect to the remote computer for one of the following reasons:
1) Remote access tot he server is not enabled
2) The remote computer is turned off
3)The remote computer is not available on the network
Make sure the remote computer is turned on and connected to the network, and that remote access is enabled."
My computer is:
AMD: Athlon 64 X2 5200+ 2991 MHz
Mobo: Gigabyte M57SLI-S4 v.2
RAM: 4GB Mushkin DDR2 PC2-6400
OS: Win 7 64bit
VC: Geforce GTX 470
"Ethernet Connection has stopped working".Its stopped working again and I've run the Network Test and the results are in the file REG.txt attached. I can connect to the internet via wireless OK but I had wireless turned off to run this test.I've proven the ethernet cable OK by connecting another pc to it which works OK.
View 12 Replies View Related