Cisco WAN :: ASA5520 / Devices Are Randomly Inaccessible
May 30, 2012
This is my current config:
Offsite Central Office
-------- ----------------- --------------- ------------------------------ ----------------- ---------- -------
| PC | | 3560-EMI | | ASA501 | | Comcast Business | | ASA5520 | | 6509 | | PC |
-------- ----------------- --------------- ------------------------------ ----------------- ---------- -------
I've got a VPN L2L tunnel between my offsite and my central office. Everything seems to work most of the time, but every now and then i loose connectivity to random devices.for example, right now I cannot ping the interface on the 3560-EMI, however i can ping the PC on the other end of it. A few minutes from now, the 3560 will be pingable and i will probably notice another device that is no longer accessible.It almost seems as if the ARP table is corrupt or inconsistant. Another example would be 2 separate PCs on the Offsite side, I can ping one but not the other. If i telnet into the 3560 i can ping both PCs without issue, but once i get to the other side of the ASA5520 I no longer can see both devices...A few minutes later the second PC will be visible again from the Central Office.
View 2 Replies
ADVERTISEMENT
Nov 25, 2011
All my devices (Smart Phone, 2 PC's, a laptop and a Nintendo Wii) connect using my BT Homehub 2.I'm not sure what the cause is but it seems that all my devices randomly get disconnected from the Homehub? The broadband connection seems to be fine and all the lights are normal and the BT Homehub2 option is still displayed in network options. But whenever I try to connect again it just says "Windows was unable to connect to your network".I have to physically restart the router to get the devices to reconnect, and having doing so on a regular basis has meant my IP Profile has been dropped at my exchange as it thinks it'll "keep a stable connection"?Would it be worth changing the channel and security type? (Currently using WPA)
View 7 Replies
View Related
Aug 16, 2012
I have an exisitng ASA5520 which is already working with remote clients using Cisco vpn client configured using ipsec over tcp, I am now trying to get vpn access for Iphones working and having a problem where once connected the Iphone cannot ping any internal device. The configuration on the Iphone does not allow for Ipsec over tcp and therefore uses udp 500 by default, if i create a new profile from a pc and do not use ipsec over tcp it has the same issue where it establishes a vpn tunnel but cannot ping any internal device as soon as I change the profile to ipsec over tcp it works fine.
View 2 Replies
View Related
May 30, 2012
Wireless router started randomly not allowing any wireless devices to connect to the network. A wired cable worked fine, but not wireless. So we had to unplug the router and then it would work fine.You could see the device, but not connect. We moved our wireless phone a little farther away from the router thinking it was interfering, but still no luck. It didn't matter if it was an iPod, our BluRay player, or a laptop.
View 1 Replies
View Related
Aug 28, 2012
I have a network that has a pair of 6500 switches on either end, running HSRP. In between each 6500 are two to three ruggedcom switches. They are connected to each other and the 6500's by trunk ports in a straight line. The 6500's see each other as CDP neighbors, and the 6500's can see the rugged- com as LLDP neighbors (ruggedcom only supports LLDP).
The issue is that randomly devices on the ruggedcoms will drop offline and then come back. The problem is that the devices that drop offline are all in the same VLAN, so it appears like a virus - i.e. one device drops off, then multiple. Eventually the HSRP starts flapping between the two 6500s and this causes havoc on the network.I'm almost to the point of taking a laptop and plugging it into one of the ruggedcom's to see traffic, but the issue is that the ruggedcoms are outside in cabinets that laptops shouldnt be exposed to.
View 2 Replies
View Related
May 31, 2011
Our firewall expert has gone off on long term illness leave and I am trying to pick up the pieces :-(
We have an ASA 5520 (local office) talking to another ASA (remote office) via a VPN Tunnel.
My 1st problem is that I cannot ping from my inside network (local) to the outside interface of my remote ASA.
My 2nd is that I have debug enabled on my rules but am not logging anything.
View 1 Replies
View Related
Jan 3, 2012
There are some configuration of my Cisco 6506-E, the IOS version is (s72033_rp-ADVENTERPRISEK9_WAN-M), Version 12.2(18)SXF17b
C6506E#show run | b r b
router bgp 64517
template peer-policy Route-Opt
route-map Route-Opt in
route-map BROADCAST_LOCAL out
exit-peer-policy
[code]...
Why the next-hop 202.99.1.30 is inaccessible?
View 4 Replies
View Related
Apr 11, 2012
I need to access my employer's website to make changes from home. At work, I use a Mac and can use the built-in tools in Finder to quickly type in the ftp and log in. However, if I try to go in through Filezilla on a PC, the server never connects. I have tried using SFTP and CyberDuck as a web dev with no luck.
View 1 Replies
View Related
Apr 10, 2012
I cant access my IP-8186 router, setup my router? i cant ping my router.
View 1 Replies
View Related
Jan 27, 2011
We have recently purchased a Cisco Small Business Pro SRP 527W router, all seems good and it is running smoothly, no disconnections or sync issues like our last router. However, after a certain amount of time the web management interface is unavailable through the browser (accessing it via 192.168.1.254 or the alternative we set-up 1.1.1.1) It is totally unavailable and timeouts in the browser yet there is still internet access and network is still alive. The web management interface was accessible before though and the only solution I have been able to do to access it again is to reboot this router.Could it be possible that because port 80 is forwarded to a different IP it interferes with the Web management interface? And how wcould the interface port access be changed?
View 2 Replies
View Related
Aug 29, 2012
Experiencing a strange issue with v3 hardware. After a short period of time, I cannot log into the web administration - either locally through standard port or remote through non-standard port get login prompt, enter correct username & password, page refreshes with blank background and first page (status?) never shows.power cycling the router restores access to the web administration page, for an uncertain period of time before it barfs again.
I was running older firmware, updated to newest 4.2.1.02 (?) and same problem. Only thing that is better is the internet didn't completely lock up when I tried to access the administration page, like it did on the older firmware.
View 4 Replies
View Related
Oct 10, 2011
I bought a gigabit NAS to replace my existing 100Mb NAS. After copying the data and users from the old box to the new (during which both NAS boxes worked fine) I renamed the old one to BACKUP and gave the new one the name of the old, FILE_SERVER.
View 16 Replies
View Related
Jun 3, 2012
Up to this point, all the computers on the network accessed the e-mail server via the Windows name of the PC running the e-mail server. However, one of the PCs will need to access e-mail from the WAN soon as opposed to the LAN, so I switched the server name in Thunderbird (e-mail client) to the actually fully qualified domain name of the server (registered at NO-IP, which redirects to the e-mail server at home).
The problem I am running into is that all the requests sent for IMAP or SMTP are being blocked by the router. That's even though I added port forwarding rules for them. The logs show messages similar to the following:
"Blocked incoming TCP connection request from 216.168.101.68:51291 to 216.168.101.68:143"
It doesn't make a difference if I change the endpoint filtering to "Endpoint Independent" either. Any thoughts of what else I can try? DMZ is not an option.
View 2 Replies
View Related
Aug 17, 2011
I've got the DIR-825 2.02. I had an issue where if you did change the IP adress default 192.168.0.xxx to something like 192.168.yyy.xxx, the configuration page was becoming inaccessible. It was super slow, was displaying the wrong pages with missing images and wrong page formating. I had to reset the router to default and then it was working fine.That seems to have been fixed since 2.05. Now you can change the default ip adress to anything you want and the configuration or setup still work fine.When I am on LAN, the setup page are displayed almost instantly. By remote, it's super slow.
View 1 Replies
View Related
Apr 21, 2013
Within a workgroup environment we have four large drives, statically assigned and all accessbile via VPN. Our FW is a Cisco ASA-5505. Where within the ASA-5505 GUI can one of these drives be made inaccessible via VPN ?
View 0 Replies
View Related
Mar 26, 2013
I have this 3750 stack where all ports are configured as below.The data runs on VLAN 1 and the voice runs on VLAN 100.
interface FastEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,100
switchport mode trunk
Name: Fa1/0/1
Switchport: Enabled
Administrative Mode: trunk
[code]....
The PCs and Polycom VOIP phones are plugged into the switch and they work fine.However, if I plug printer(s) into the ports, they cannot be accessed.I have to end up removing the trunk mode before it can work like below.
Name: Fa2/0/43
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
[code]....
View 12 Replies
View Related
Nov 30, 2011
We have a CSS 11503 with the following partial config [code] it is clear that the server at 10.10.10.222 is active. What we cannot understand is why web site is inaccessible thru load balancer using http://10.10.10.1.
View 2 Replies
View Related
Feb 3, 2013
I have a brand new SG500-28P sitting on my desk.
The swtich is configured and going to operate in L3 mode. All ports are still assigned to the default VLAN ID 1. I have created several new VLAN's. Once I configure and aplly an IP Interface to a certain VLAN the swtich becomes inaccessable right away. I am pretty sure I am not pulling my own VLAN under my connection. Every port is inaccessable. I have to pull the power plug and restart the swtich with its saved configuration. Even when I add another IP interface to the default VLAN 1, same issue. I have tried lot's of things, but can't get it to work properly. I have just upgraded to the latest firmware.
I have configured dozens of SG300 swtiches which is very easy. This one does not work with me.
View 2 Replies
View Related
Feb 1, 2011
t's been 4 days in a row now that I can't access wireless Internet on my laptop at a public library that I visit regularly. I have no trouble accessing wireless Internet anywhere else. For several months I have been using wireless Internet at the same library on the same laptop without any problem.Windows troubleshooting message: Windows can't communicate with the device or resource primary DNS serverThe wireless network at the library has no Authentication, it is while accessing a Web-site that it it automatically goes to a page where members have to login, however this hasn't been happening for the last 4 days. I'm able to connect to the network, but with no Internet access. I guess because the DNS won't respond. Here is what I already tried: Disable the firewall and see if that works properly Boot in Safe Mode with Networking and see if it works that way TCP/IP stack repair options for use with Vista or Windows 7 I installed Mozilla firefox.... still no luck[CODE]
View 13 Replies
View Related
Feb 3, 2013
Basically, I have a LAMP server for a small landing page for myself.It was all working fine until I got my new router.Now, I can only access my sites on a LAN.All the ports (3306, 80, 22) are opened and multiple port checkers online says so.I followed some of the basic steps mentioned in this forum such as firewall settings such as:
"Port and Address Restriced"
disabled QoS
Enabled Multicast Stream
enabled DNS Relay
set DHCP range to avoid any IP conflicts
Ive even temporarily removed all firewalls completely to make sure that is not the problem.
View 3 Replies
View Related
Dec 28, 2012
Studio 1558 using Windows 7 64-bit with Netgear DGN1000 router
I can access almost every website with no problem however two sites in particular time out unless I connect an ethernet cable between the laptop and the router. Then there is no problem, the site comes up immediately. The sites are skytv.co.nz and asbbank.co.nz.
I have tried different browsers but that does not make any difference. I borrowed a Toshiba laptop and connected to my wireless network and that had no problem connecting to either site wirelessly so there must be something wrong in my Dell laptop. One difference I noticed between the Toshiba and Dell laptops was in Wireless Network Connection Status the Connection Speed for the Dell is 65.0 Mbps whereas the Toshiba was 150.0 Mbps. I'm not sure what this means and whether it is relevant.
I have reduced the wireless MTU to 1400 from 1500 but still no connection on those sites. It is a nuisance to have to use the ethernet cable to visit two websites when the wireless works fine on every other site.
View 3 Replies
View Related
Oct 8, 2012
I've installed second WS-X6748-SFP linecard on my catalyst 6509 with sup720-3b and after that NAM-2 and IDSM-2 module become inaccessible from management network. I can only login with session slot N proc 1.When I execute #hw-module module 4 reset, modules become accessible.
#sh module from cat6509
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
2 48 CEF720 48 port 1000mb SFP WS-X6748-SFP SAL114670XW
3 48 48-port 100FX SFP Ethernet Module WS-X6148-FE-SFP SAL1201BZKF
4 48 CEF720 48 port 1000mb SFP WS-X6748-SFP SAL1625ETFJ
5 2 Supervisor Engine 720 (Active) WS-SUP720-3B SAL1206FNGQ
6 2 Supervisor Engine 720 (Hot) WS-SUP720-3B SAL1206FVFB
8 8 Intrusion Detection System WS-SVC-IDSM-2 SAD120502LR
9 8 Network Analysis Module WS-SVC-NAM-2 SAD120206LB
Mod MAC addresses Hw Fw Sw Status
--- ---------------------------------- ------ ------------ ------------ -------
2 001e.4a3e.3b30 to 001e.4a3e.3b5f 1.10 12.2(14r)S5 12.2(18)SXF1 Ok
3 001e.4aea.e7b0 to 001e.4aea.e7df 3.3 8.4(1) 8.5(0.46)RFW Ok
4 5057.a895.bb84 to 5057.a895.bbb3 2.4 12.2(18r)S1 12.2(18)SXF1 Ok
5 001c.58d0.6dc4 to 001c.58d0.6dc7 5.6 8.5(2) 12.2(18)SXF1 Ok
6 0016.c848.3698 to 0016.c848.369b 5.6 8.5(2) 12.2(18)SXF1 Ok
8 001e.f7a1.54b0 to 001e.f7a1.54b7 6.3 7.2(1) 7.0(8)E4 Ok
9 001e.f72a.ba62 to 001e.f72a.ba69 4.3 7.2(1) 5.1(2) Ok
Mod Sub-Module Model Serial Hw Status
---- --------------------------- ------------------ ----------- ------- -------
2 Centralized Forwarding Card WS-F6700-CFC SAL114881B6 4.0 Ok
4 Centralized Forwarding Card WS-F6700-CFC SAL1624EGQS 4.1 Ok
5 Policy Feature Card 3 WS-F6K-PFC3B SAL1206FNZY 2.3 Ok
5 MSFC3 Daughterboard WS-SUP720 SAL1206FSFH 3.1 Ok
6 Policy Feature Card 3 WS-F6K-PFC3B SAL1206FP27 2.3 Ok
6 MSFC3 Daughterboard WS-SUP720 SAL1206FN26 3.1 Ok
8 IDS 2 accelerator board WS-SVC-IDSUPG ADBG7270048 2.5 Ok
cat6500 running 12.2(18)SXF12a ios...
View 8 Replies
View Related
Mar 7, 2013
I'm adding another router to my home network to extend my WiFi range. (Linksys e2500.) I'm trying to change its IP from the default 192.168.1.1 so that it doesn't conflict with my primary (dhcp) router.
To isolate matters I've reset the router to factory settings, turned off my mac's WiFi and then connected the Mac to a Lan port on the router. Now I can view the router's admin page at 192.168.1.1.
Now I change its local IP to 192.168.1.3 and leave the subnet as 255.255.255.0. The router reboots and after several minutes is inaccessible at any IP I try (still hardwired to the Mac with WiFi off). Ifconfig doesn't show the router and the only way I can get it back is to factory reset it again.
View 4 Replies
View Related
Dec 26, 2011
I have a new E4200 (running FW 1.0.3) and connected a Seagate GoFlex 1TB drive to it. The drive is recognized fine by macs and PCs. However, I find random folders appearing in my mac finder as "alias" and hence innaccessiable. There are a bunch of them scattered in random areas. On Windows those items appar as an unrecongnized incon, a 4KB size and Type file with the "archive" option checked under File "Properties". On a mac they appear as kind "alias" with a 4KB size.I also didn't notice any particular oddities with the directory name (I.e no special chars). I tried renaming them and that didn't fix it.
View 3 Replies
View Related
May 6, 2013
Region : UnitedKingdom
Model : TL-WR841N
Hardware Version : V7
Firmware Version : 3.13.9 Build 120201 Rel.54965n
ISP : Linpop
I have had my WR841N for about a year, supplied to me by my WISP. I like the router in terms of facilities but it seems to have one really annoying problem.
The router becomes inaccessible via the webpage after a random period of several days. I have at times associated the issue with occasional loss of radio broadband service but it is not always so. To try and further localise the problem I set the router up to send emails of the log to me every two hours from 17/04/2013 but today for the second time the emails stopped arriving after the 02:29 message and the router is inaccessible again. The router previously locked up with loss of broadband service on 26/04/2013 sometime after emailing a log at 02:41 on that day but had been running without issue from a cold restart at 12:25 as soon as I noticed loss of service.
Today I have not lost broadband service and so even though I am no longer receiving an emailed log or able to access the router via its webpage I am leaving well alone for the present. Some months ago when I originally noticed the web access issue I downloaded and installed the latest firmware TL-WR841N-v7-120201 and I note that there have been no further firmware releases for the v7 model.
My broadband service is delivered via radio link from a local transmitter mast and is reliable with typical download speed of 20-30Mbps and 30-40Mbps upload, seldom if ever affected by weather so I now feel the problem is inherent in the router rather then being the result of some issue affecting broadband service which has been solid since 26/04/2013
Without the log I have no way of knowing what was happening when the router became inaccessible but I attach the last 24 hours of received log below.
May 5 00:59:42 DHCP NOTICE DHCPC Send REQUEST to server d91650b2 with request ip c3cecc76
May 5 02:29:44 OTHER INFO Mail successfully.
[Code]......
View 2 Replies
View Related
Jun 1, 2012
Currently my home network is being switched via TrendNet TEGs80G unmanaged gig switches. I have been using them for about a year now with no issues. As my home network becomes more advanced, I recently just added a Cisco ASA5505, I am thinking about swapping those unmanaged devices, 4 of them, to managed. I was looking at the Cisco SG300-10 for upstairs, and a 16 port variant for my main core. These devices do not support full Cisco IOS cli, but they are manageable with a rich feature set nonetheless. My question is, should I swap the unmanaged devices with the more expensive Cisco devices, or just keep what works and save the money until I really need to spend it. As previously stated, my home LAN works just fine as it is, however my WiFi, NTV550s, server and workstations are all on the same network. Probably not the most secure but it is what it is without VLAN support.
View 11 Replies
View Related
Aug 15, 2011
I have installed my new E4200 and it works beautifully. I have several wirelss adapters and a few wired connections through powerline adapters. I also have a second VPN router attached to the 4200.I can see the wireless connected devices with the associated IP addresses. If I plug a laptop directly into the Cisco, I can of course see it.However, I can see none of the devices attatched to the powerline devices? I have a securty cam connected via the powerline and want to know the IP address. I checked with cisco technical support via chat and they said it is impossible. I have used 2 previous routers with the same configuration and can see all devices.
View 1 Replies
View Related
Oct 11, 2012
All of a sudden my laptop, android phone and blu ray player (all wireless devices) can't communicate with my wired devices (marantz receiver and samsung tv). Everything still connects to the internet independently but i can't for instance play music from my wireless laptop to my wired marantz receiver. I had no trouble with this last week and didn't change anything (that I'm aware of) I did get Verizon to switch out my router but it didn't solve anything. My wife's computer also cannot connect to wired devices. Lastly, if I connect my laptop with via ethernet cable it sees wired devices fine. I tried shutting off windows firewall but didn't work. I have no other firewall/virus software installed. I can ping to all devices (wired and wireless) from my laptop.
View 1 Replies
View Related
Apr 23, 2012
I have configured SSL-clientless vpn on asa5520(8.2-asdm-6.4)It is working.Only problem is how to add pcs to the vpn.That mean like someone need to access pcs via vpn.Servers with url can add without any problem.is there anyway to add pc/servers with ip addresses?
View 2 Replies
View Related
May 16, 2013
we are trying to configure the vpn with our provider we are on Asa and the use Checkpoint , vpn seem to be established on phase 1 and phase 2 too.bur when i send ping packets seem to los on tunnel and other side do not see them.Asa is after a onother firewall and outside interface of this asa is nated on this perimeter firewall.
View 5 Replies
View Related
Oct 10, 2011
I'm trying to use a 5520 to test something but the bandwidth seems pretty low for the product I'm testing over it. Can anyone tell me if there is a bandwidth limitation by default? I'm seeing 1.5mb/s average with spikes to 6mb/s or so. On the ASA5550 I was seeing usage up to 80mb/s.
View 5 Replies
View Related
Feb 17, 2010
I'm trying to setup the SSL VPN portal:When I connect via HTTPS to the ASA5520 outside interface I get the login prompt and after successfully login it takes me directly to the Anyconnect client download (starts Anyconnect immediately) even though in the group policy is configured to not prompt the use to chose the post login and the post login is ste to go to Clientless SSL VPN Portal?
View 7 Replies
View Related
Feb 4, 2009
We have a several SonicWall TZ 190 establishing VPN tunnels with a ASA5520. Pericodically random VPN tunnels will drop and can not re-establish a connection. In order to re-establish the dropped VPN tunnel, our firewall folks manually drop all VPN tunnels connected to the ASA (they use to physically power cycle the ASA). They claim this is the only way to resolve the problem and since the SonicWall Life Time seconds for Phase 1 and 2 are set to 28800, they reset the tunnels every 8 hours. Additionally, they claim that SonicWall IPSEC is different that Cisco IPSEC which is the main problem. Hence they are requesting a SONICWAll VPN concentrator..
View 4 Replies
View Related