We have a VPN established between the above devices (I don't have more info on the Juniper as it's a client site) The Juniper initiates the VPN and all is well, tunnel is up all ok but approx every 45 minutes the VPN drops.
the tunnel parameters are set to keep it alive for 8 hours but that doesn't work.
an issue with my modem (i think) I currently cannot get an Internet connection on my computers via wifi for some reason iv tried resetting it but it seems to pick up all the PC's and then 5 minutes later it just drops out which is annoying cause it says that the modem is still receiving Internet and were not getting it iv also tried a new router but the same issue and the speed of Internet is basically halfed what do I do iv tried heaps but it's just ******* me off now
View 1 Replies View RelatedJust starting a couple of days ago my internet started dropping about every 10-20 minutes. The problem is only with this computer. I have a laptop right next to me and it works fine no problem and two other PCs that don't have any issues so I don't think it is the router. I have scanned my computer with different antivirus software and it's clean. The computer is always connected with a full 5 bars and says it has internet access but sometimes it drops and in order to get it up and running again I unplug the wireless adapter and plug it in again. At first I thought it might have been the adapter so I swapped it out for a new one and I'm still having the same problems. My wireless is unencrypted. This keeps happening over and over again and I am stumped on what to do.
equipment: WRT54G linksys router
belkin surf and share n300 adapter
linksys ae1000 adapter
windows 7
I have a DIR-615, hardware version: C1, firmware version 3.12NA and my issue is that it keeps dropping my VPN connection after 12 minutes. Sometimes it'll go longer than 12 minutes but on average right at 12 minutes of my connection, it drops. This happens whether I'm using the wireless or hard wired to the router. As a test, I ran a continuous ping on a computer on my internal network and also to a computer on my corporate network. When I'm VPN'd in, both pings are successful. Once the router kills my VPN session, the pings to my internal network are successful. So the router isn't rebooting or anything like that. My VPN session will automatically reconnect, but I'm stumped.
View 14 Replies View RelatedWe have an SG300-28P which, at intervals between 5 and 30 minutes or so, drops power to all of its POE-powered ports and then immediately restores power. The switch logs nothing when this happens other than recording that the ports went down and back up, even with debug logging enabled. Non-POE ports are not affected.
When the problem started there were only four POE-powered devices on the switch and we are far under our power budget. (While testing I added a fifth device, see below.)
Not all combinations of devices cause the drops to occur -- specifically, it looks like having devices on ports near each other causes the drops. When the drops occur, the absent counters of all of the POE devices increment. I noticed this earlier thread here seemed similar: [URL]
but in that case, he got no power at all in the adjacent configurations, instead of having it drop every several minutes.
I'm running
sw06#sh ver
SW version 1.1.2.0 ( date 12-Nov-2011 time 23:34:26 )
Boot version 1.1.0.6 ( date 11-May-2011 time 18:31:00 )
[Code].....
For some reason, certain activities, such as using Bittorrent and visiting specific sites, causes my connection to drop immediately. It stays down for five minutes, after which the connection is reestablished... but if the offending progam is still running or I try to refresh the site, it drops for another five minutes.I really need to know what is causing this, and how it can be avoided. It only started this last weekend (22/1, 2011), and my ISP says they have no problems on their end. I'm running Windows 7.
View 5 Replies View RelatedSo, I just upgraded my mobo/cpu (Z77A-G45 and i5-2500k) and I'm having an issue with my connection as it seems to drop every 5 to 15 minutes constantly and have no idea what exactly is wrongThe kicker is my old mobo did the same thing and I had to do something in win7 to fix it (not sure if it was the drivers or what) but I just can't remember what exactly.
View 1 Replies View RelatedI can't win. After dealing with the internet dropping once every two weeks, I decided that upgrading the firmware might work. Turns it all it did was exacerbate the problem and now my internet drops every few minutes. I've been plugged into my modem for a good 20 minutes at this point with no drops. Has my router just shit the bed or can this be fixed?
View 8 Replies View RelatedI am having an issue with my network connection. I have tested the connection itself and it's not a problem on my ISP's end or the connection itself, but seems to be caused by hardware/software errors originating from the computer. It almost appears as if the connection is being capped or the like, because the signal is very strong when I connect to the internet at first, then after a few moments drops (consistently every time I try reconnecting) to an unacceptably low signal level.
View 14 Replies View RelatedI recently bought a refurbished E1000 wireless router from Amazon, and from the first day I've had recurring connection issues with it. Every half hour or so it will lose all of its connections (wireless and ethernet) and requires a hard reset. After resetting, all connections are good for a little while but then the problem occurs again. When plugged directly into my modem (Motorola SB6121), my internet access is completely fine.
The router has the latest firmware as far as I know (2.1.02 build 5 May 6, 2011), and I've tried to change several settings (MTU to 1400, Fragmentation Threshold to 2306, etc) but to no avail.
My internet connection drops every 10-30 minutes and reconnects. The modem seems to reset (every light except the power one). I have a Zoom model 5241 modem. Additionally, I cannot access my modem's status page [URL]. It's as if I'm trying to access a site that doesn't exist. Comcast sent a tech who replaced a splitter, but that didn't work.
View 1 Replies View RelatedWe have a 3750 as core switch with critical oracle servers ( production & development ) connected to this. The goal is to have these servers behind a firewall, which is to be done by logically routing the traffic towards the device.Now, we need to connect the 3750 with two juniper srx firewall physically. The oracle server VLAN will be removed from 3750 and same layer 3 vlan will be created in the juniper firewall. How do i connect the 3750 to the two junipers. what configurations will be involved, on a logical basis.
View 11 Replies View RelatedI am using 6500 with VPN Accelerator on this device. I have a dozen other VPN connections GRE and IPSEC to routers and ASA and other Juniper Firewalls.
They all work perfectly.The error I get is map_db_find_best did not find matching map (Never seen this error be for) [code]I can't put the whole config for security reasons.
I need to configure a new RV042 behind a SSG5 firewall. All VPN connections is client to gateway.
Firstly, i tried doing a direct connection(bypassing the firewall), the quickVpn status says connect but I can't even ping the rv. I suspect is due to client own ip is 192.168.1.x and the gateway ip is also 192.168.1.10. How do I resolve this such that users can connect anywhere without having to worry about clash of ip?
Assume that we have 2 Cisco 6500 series which redundant via GLP, now my question is how can we connect a Juniper SRX firewall to our core switches?
View 2 Replies View RelatedHow are asa5540 in high availability mode upgraded for their versions.
View 1 Replies View RelatedI am encountering some problems setting up my new polycom hdx 8000 behind ASA 5540?I have opened reuired ports through the firewall ( incoming and outgoing). I have enabled inspection h323 on ASA and enabled the option NAT is 323 compatible on Polycom.
3230-3243 tcp
h323 tcp
h323 udp
3230-3285 udp
Here is the problem.I get connected to the call but I cannot the remote site cannot see and hear me.But I can see and hear them.
I have no problem configuring both devices to successfully connect when the juniper firewall isn't in the picture. But due to policy; the RV042 at our main site must sit behind the firewall.
I've got the port forwarding setup but I'm not able to connect. I know I"m missing some configuration on the RV042 but I can't think of it! I've attached a GIF to give an example of both setups.
i need to upgrade ASA 5540 from 7.1 to 8.4 for secure connect feature of Cisco Jabber Configuration. Support forum guides that, i need to follow upgrade path from 7.1 --> 7.2 --> 8.0 --> 8.2 -->8.4 and also do a memory upgrade from 1GB to 2GB.
[URL]
I need to use this feature for only three or maximum four users in company then would i really need to do memory upgrade? or can i go with 1GB memory?also how i can get the prices of part number "ASA5540-MEM-2GB=" at cisco.com?
ASA-ISB-HQ# sh version
Cisco Adaptive Security Appliance Software Version 7.1(2)
Device Manager Version 5.1(2)
[Code].....
ASA5540# sh run nat-control
no nat-control
this means higher security can talk to lower security without NAT rules
Question 1) - if I want higher security zone to to talk to lower security with NAT rules. I would use statements like below. Am I correct?
nat (dmz) 1 0.0.0.0 0.0.0.0
nat (inside) 1 0.0.0.0 0.0.0.0
global (dmz) 1 interface
global (inside) 1 interface
Is this correct? So in this case I am kindly of like overriding the no nat-control statement ...right?
Question 2) - Now I have no nat-control enabled. Would the below statements (nat 0) be of any use for NAT exemption??
nat (dmz) 0 access-list dmz-nonat
nat (inside) 0 access-list dbase-nonat
And do I have to have a global statement for NAT 0 ...like below?
global (dmz) 0 access-list dmz-nonat
global (apps) 0 access-list dbase-
I Have Cisco 5540 with AIP-SSM-40, recently i config AIP-SSM-40 to capture all traffic from all interface any to any with promiscous mode and if card fail traffic still flow throuh asa, but after that i can't login to cisco ASDM, the error is "Un Able To Launch Device Manager From xx.xx.xx.xx"
View 2 Replies View RelatedI have a remote site customer with a Cisco ASA 5540 running SSLVPN (Anyconnect)(8.03). It currently only serves about 450 SSLVPN clients. Since last friday, they've seen the CPU utilization go up to high 90% while only serving 400+ remote users. I saw some high cpu utilization bugs, but none looked to be relevant. How I can find the root cause of the CPU high utilization?
View 2 Replies View RelatedJust upped our external ASA-5540 pair to 8.4(1), and now one of our nat's is busted.
Here's the lowdown:
Our public IP for our IronPorts ends in .167. That IP is natted to a VIP on our ACE, which load balances to the IronPorts.
The outside interface of the ASA uses .162, which has been the pat for all outbound traffic for a few years... except for the subnet that houses the IronPorts. Due to reverse lookup, that subnet uses the .167 IP address for all outbound traffic.
After the code upgrade, the nat won't work. No email sent or received. Nothing but Deny's on the ASA with flags reading either "SYN" or "RST". IE: Apr 27 12:56:11 10.22.151.41 local5.crit %ASA-2-106001: Inbound TCP connection denied from 69.25.174.17/36917 to 207.236.211.167/25 flags SYN on interface outside
If I return the subnet pat back to the outside interface, then inbound traffic works fine, though reverse lookup fails and anyone running a reasonable spam filter won't send to us.
I have two Cisco ASA 5540, these ASA running ver 7.2. and used mainly as VPN gateways.My question is simple, Apart from the extra AnyConnect client functionality and the higher encryption, is there any specific security benefits (related to the VPN use) for upgrading to ver. 8.x ?
View 4 Replies View RelatedI have to use GNS3 for simulate ASA5540.but it does not work. I've installed latest GNS3(0.8.3.1 all in one) in Win7 32bit environment, and used IOS file is asa842-k8.bin.but i can't unpack it properly. it said "Couldn't find any ZIP header in asa842-k8.bin".
View 2 Replies View RelatedI have two ASA 5540 working in Active/Standby mode. After I've upgraded them to 8.2.3 ver. I have the following issue: once a day presently active device arbitary reloadI have no err in show version and in syslogs:11:15:50 ASA : %ASA-6-302020: Built inbound ICMP connection for faddr 10.10.0.36/512 gaddr 10.0.0.16/0 laddr 1011:15:58 ASA : %ASA-1-104001: (Primary) Switching to ACTIVE - HELLO not heard from mate.
View 4 Replies View RelatedI am having the EXACT same problem as this user:URL
Error: GnuTLS error -53: Error in the push function.
Response: 425 Can't open data connection.
Error: Failed to retrieve directory listing
Response: 421 Connection timed out.
However I am using implicit instead of explicit. Here are the outputs of items that have been requested in the other thread.
We are try to connect ssh via outside system (from Internet) its was not getting connected.
When we try to connect from outside pool of ip than its working.
I have 2 ASA 5540's that I want to run in HA A/F. The active ASA has an IPS module running. I no longer need this and would rather remove it than purchase another module for the spare. What is the process to do this safely? After removal will the HA wizard recognize that the module was removed or do I have to update the software?
View 3 Replies View Relatedwe have noted the automatically removing of the only "nat (inside,any)" line, during the upgrade of ASA 5540 from 8.4(3) to 8.4(4) 1: why ?
View 1 Replies View Relatedthere was remote FTP - users behind ASA5540 can connect to it.
Now, with this ftp there is SSL/TLS encryption added and users behind this ASA can't connect to this FTPS.
It this possible for users behind ASA to connect to FTPSs?
I was looking in the CISCO webpage how to load an IOS from a tftp server but i got some questions:
I got the information from this webpage: [URL]
rommon #1> ADDRESS=10.132.44.177 <---- Which IP address? the one that I got on my firewall?
Q1. I would like to confirm like how many total of contexts do I have by default when I purchase the ASA 5540 ? are they two contexts aside from the admin context or two contexts including the admin context?
Q2. can I configure the default box with High Availability using the default contexts?