cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2532
Views
5
Helpful
3
Replies

ASA 5505 - Connection Timeouts / Connection Failures

meratechstuff
Level 1
Level 1

Hello,

We're getting "Connaction Timeout / Connection Failure" error messages several time per day. Here is our setup:

Verizon FiOS Internet (ONT Box) --> Cisco ASA 5505 --> EdgeMarc 4500 Router --> Cisco 300-24G Switch --> Dell PE1950 Servers

From past few months, we keep getting Connection Timeout and Connection Failure error messages in our vendor application which connects to SQL Server 2005. Also Terminal Server 2003 keep disconnecting for every few hours.

After several days of troubleshooting, we come to know that this Cisco ASA 5500 is not working properly. When I access the ASDM, it shows several warning messages.

I know there is a setting option to configure TimeOut, but is there anyway to test and track the ASA 5500 regarding this Timeout issues?

I'm newbie to these kind of advanced firewalls. Any further help would be greatly appreciated. Thank you.

3 Replies 3

Julio Carvajal
VIP Alumni
VIP Alumni

Hello Srinath,

As you heard you can configure the time-out for the connections traversing your ASA ( using either the global time-out or the MPF option for the time-out) the thing is that some applications like ftp and SQL*Net use secondary flows so if you want to setup a connection time out for those applications you will need to use the global command.

You can refer to this document for some information:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/protct_f.html

Now there is no command to test it, you will need to create a connection and then see how it goes as soon as it reaches its time-out previusly configured.

Hope this helps, if not just let me know and I will try to help.

Please rate helpful posts.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Hello,

Thanks for your prompt reply. I just come to know that (from our 3rd party IT) the ASA firewall is actually configured to create a dedicated VPN tunnel to a secure remote site (to our software vendor.) And we used EdgeMarc router as a main router to establish VPN tunnels to our locations. Since we (probably I) connected FiOS Internet directly to ASA, and then ASA to EdgeWater router, all traffic is going through ASA firewall which increases load and triggers timeout issues.

I will refer the link that you provided and let you know if we still encounter any issues or not. Thanks.

Hello Srinath,

Thanks for the rating, I will be more than glad to help.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: