Re: ASA 5505 Drops Internet - TimeWarner Cable

Timothy Garay · ‎10-17-2016

I have done a bunch of researching and I have tried some troubleshooting when the problem occurs but I'm just coming up empty-handed. This is really frustrating my family and myself.

We have TimeWarner cable. From the Motorola cable modem I go right to interface 0/1 on my Cisco ASA 5505 (9.1(6)) with ASDM 7.4(3). That is setup as the outside interface with DHCP and gets assigned my public IP address (which does not change often).

I have unlimited license to internal hosts. I have hard coded 0/2 to full duplex 100MBps.

From the ASA I go to a gigabit switch and from there to the rest of the computers in the house. I work from home so have VPN access to work and see right away when Internet connection drops.

About once per day (no specific time of day), I lose Internet connectivity from internal devices. I can still ping the ASA (it is up) and login to it. I cannot ping any public DNS or IP addresses.

Easiest fix is just to reboot or reload the ASA. When it comes back up the problem is fixed.

Lately, I've been trying to troubleshoot and hopefully fix the problem altogether. Today it happened again and I was in a position to do some troubleshooting. Cable modem shows connection with no issues. ASA is up. I login to ASDM of ASA. Nothing looks like issue in log messages. I Putty to ASA. Do show arp, clear arp. Do show conn count and clear conn. Do clear xlate. These are all things I found in other posts. From ASA I can ping all internal hosts. I can ping the cable modem (192.168.0.1). I cannot ping any public DNS or IP addresses. I cannot ping my public IP address (whatever it is at the time). ASA doesn't really show anything is wrong - I just can't get out. I do a shut then a no shut on 0/1 (outside interface) and Internet starts flowing again. When Internet is working, I am able to ping my public IP address from the ASA.

Things I am looking for: suggestions of things to check, look at or do next time this happens for troubleshooting.

Doing a real time log view, I don't see the firewall blocking anything like perhaps it has shut things down.

I am a novice at Cisco. Am familiar with the CLI basically but no whiz kid at commands for troubleshooting.

I have attached my running config if anyone would like to review it.

Thank you!

-TimG

Timothy Garay · ‎10-17-2016

One more thing to add...

According to my wife and kids, it goes down during the night as well after I'm in bed.

Last night apparently it went down and they could not access the Internet for an hour or so before it came back.

That really confuses me. If nobody logs in to the ASA or power cycles the equipment, what causes it to come back by itself when it's broken?

-TimG

Timothy Garay · ‎10-24-2016

Additional troubleshooting information that I have obtained during down times:

1.) I plugged my laptop directly into the Cable Modem and when the 5505 was not passing traffic, my laptop was still able to access the Internet. It does not appear to be an issue with the actual Internet connection from the ISP or the cable modem. Internet is still working, it is the 5505 that is not passing traffic out.

2.) I swapped out the 5505 with an old router. I have not had this issue occur since. I'm only doing this temporarily as a test since the throughput of the old router is only about 1/3 that of the 5505. I just want to make sure that I prove where the issue lies.

3.) Saturday morning the 5505 was not passing traffic. I collected some debug logs (attached). The traffic actually started flowing again on its own (without doing a reload or shut/no shut on the outside interface). A short while later it dropped again and I did a reload to get it back. Maybe someone can look at the debug log and see anything?

steve.w.kesler · ‎10-30-2016

I'm having this exact same issue. Seems like something is going on with the DHCP renewal on the ASA 5505. I have Time Warner also. Everything has been working fine until ~2 weeks ago. I can plug into the Ubee modem and still got out to the Internet. On the ASA 5505 I can ping all other internal hosts with no issue just as you stated above. Rebooting the ASA and cable modem fixes the problem. Happens regularly ever ~10 hours.

Timothy Garay · ‎11-03-2016

I have reconnected the ASA 5505. It went a couple of days without incident and now it is back to several times a day.

squareoneit · ‎09-11-2017

i'm having a similar issue with my ASA 5506. Did you ever figure out what was causing the loss of internet?

Thanks,

Kevin

jumora1 · ‎09-11-2017

Based on defects found on that 9.1.6 version I would suggest to upgrade the unit but we could also check resources and send logs to a logging server.

If you wish for me to check your device just send me an email to juanmh8419@gmail.com

Security Engineer
juanmh8419@gmail.com
Skype: juanmh8419@hotmail.com

jumora1 · ‎09-11-2017

Can you get me a show tech so I can see some block, memory and interface statistics?

I would suggest to check interim release notes, the first defect mentions :

https://www.cisco.com/web/software/280775065/123352/ASA-916-Interim-Release-Notes.html

https://www.cisco.com/web/software/280775065/131523/ASA-917-Interim-Release-Notes.html

Security Engineer
juanmh8419@gmail.com
Skype: juanmh8419@hotmail.com

jumora1 · ‎09-11-2017

Can you get me a show tech so I can see some block, memory and interface statistics?

I would suggest to check interim release notes.

Security Engineer
juanmh8419@gmail.com
Skype: juanmh8419@hotmail.com

squareoneit · ‎09-11-2017

Here is the show tech. i did omit the config.

Thanks,

Kevin

jumora1 · ‎09-12-2017

I checked your device and I saw nothing in particular.

When it fails I would suggest checking the arp table of the ASA and the client when it is and is not working.

There is also a field notice with 5506 which indicate that they could stop working after 18 months so I would check the next link

https://www.cisco.com/c/en/us/support/docs/field-notices/642/fn64228.html

Security Engineer
juanmh8419@gmail.com
Skype: juanmh8419@hotmail.com

squareoneit · ‎09-12-2017

Thanks for the heads up on the field notice. I checked and this unit isn't affected by that. The next time it loses internet I'll check ARP. I had been reading about that could be a possible cause.

Thanks,
Kevin

jumora1 · ‎09-14-2017

any feedback

Security Engineer
juanmh8419@gmail.com
Skype: juanmh8419@hotmail.com

jumora1 · ‎09-14-2017

Also run a clear asp drop and do a show asp drop when you see the failure.

I would also suggest to try to run a nslookup on the PC or try to use an IP on the browser to see if you can reach out via IP.

Security Engineer
juanmh8419@gmail.com
Skype: juanmh8419@hotmail.com

wickedlfe · ‎08-09-2020

I'm having this exact same issue with my 5506-X. It's been working fine for close to 3 years and all of a sudden 3 weeks ago the internet connection symptom started. Did you ever find a solution?