12-19-2011 12:21 PM - edited 03-11-2019 03:03 PM
Hello,
We're getting "Connaction Timeout / Connection Failure" error messages several time per day. Here is our setup:
Verizon FiOS Internet (ONT Box) --> Cisco ASA 5505 --> EdgeMarc 4500 Router --> Cisco 300-24G Switch --> Dell PE1950 Servers
From past few months, we keep getting Connection Timeout and Connection Failure error messages in our vendor application which connects to SQL Server 2005. Also Terminal Server 2003 keep disconnecting for every few hours.
After several days of troubleshooting, we come to know that this Cisco ASA 5500 is not working properly. When I access the ASDM, it shows several warning messages.
I know there is a setting option to configure TimeOut, but is there anyway to test and track the ASA 5500 regarding this Timeout issues?
I'm newbie to these kind of advanced firewalls. Any further help would be greatly appreciated. Thank you.
12-19-2011 12:30 PM
Hello Srinath,
As you heard you can configure the time-out for the connections traversing your ASA ( using either the global time-out or the MPF option for the time-out) the thing is that some applications like ftp and SQL*Net use secondary flows so if you want to setup a connection time out for those applications you will need to use the global command.
You can refer to this document for some information:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/protct_f.html
Now there is no command to test it, you will need to create a connection and then see how it goes as soon as it reaches its time-out previusly configured.
Hope this helps, if not just let me know and I will try to help.
Please rate helpful posts.
Regards,
Julio
12-19-2011 12:57 PM
Hello,
Thanks for your prompt reply. I just come to know that (from our 3rd party IT) the ASA firewall is actually configured to create a dedicated VPN tunnel to a secure remote site (to our software vendor.) And we used EdgeMarc router as a main router to establish VPN tunnels to our locations. Since we (probably I) connected FiOS Internet directly to ASA, and then ASA to EdgeWater router, all traffic is going through ASA firewall which increases load and triggers timeout issues.
I will refer the link that you provided and let you know if we still encounter any issues or not. Thanks.
12-19-2011 01:23 PM
Hello Srinath,
Thanks for the rating, I will be more than glad to help.
Regards,
Julio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide