05-03-2020 03:48 PM
I'm running into an issue with our ASA that just started this weekend. Prior to this, everything was working fine and I am not sure what could have changed if anything.
This ASA is only used for AnyConnect. Everything works fine and then all of a sudden, the AnyConnect connection drops and from the firewall, I am no longer able to ping out to 8.8.8.8 and also I am unable to ping anything locally.
If I restart the firewall, it goes back to working for about 10 minutes and then the same thing happens. I'm not sure what else to check. I've tried to do a clear xlate and clear conn. Nothing has changed on the firewall and I even did a restore back to the middle of April when things were working but still have the same problem.
05-03-2020 03:50 PM
Here's from the outside interface while it's been working for about 10 minutes.
Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec
Auto-Duplex(Full-duplex), Auto-Speed(1000 Mbps)
Input flow control is unsupported, output flow control is off
MAC address 001e.f75e.798e, MTU 1500
IP address 1.1.1.1, subnet mask 1.1.1.1
57886 packets input, 11669459 bytes, 0 no buffer
Received 582 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 pause input, 0 resume input
0 L2 decode drops
46112 packets output, 21023295 bytes, 0 underruns
0 pause output, 0 resume output
0 output errors, 0 collisions, 1 interface resets
0 late collisions, 0 deferred
11 input reset drops, 0 output reset drops, 0 tx hangs
input queue (blocks free curr/low): hardware (255/230)
output queue (blocks free curr/low): hardware (255/240)
Traffic Statistics for "outside":
57875 packets input, 10624572 bytes
46112 packets output, 20189895 bytes
1311 packets dropped
1 minute input rate 46 pkts/sec, 7614 bytes/sec
1 minute output rate 33 pkts/sec, 11087 bytes/sec
1 minute drop rate, 1 pkts/sec
5 minute input rate 54 pkts/sec, 9175 bytes/sec
5 minute output rate 45 pkts/sec, 21819 bytes/sec
5 minute drop rate, 0 pkts/sec
05-03-2020 06:07 PM
Can you upload your firewall show tech file? Just to be clear, the issue noted is not with AnyConnect but with it as a whole?
Any changes made recently in your network? It could be some broadcast storm in your network where someone plugged a cable in wrong and created a loop in the network.
Share your firewall show tech support file. Difficult to say what could be the issue without seeing the logs. Also check on your switches' logs and share the output here.
05-04-2020 03:01 AM
Sheraz,
I think you're probably right and it could be some sort of broadcast storm. I'm just not sure what happened. As far as I know, nothing has been changed.
Do you have a recommendation of the best way to figure out what could be causing it? We have a combination of Netgear and Cisco switches.
Thanks
05-04-2020 03:18 AM
The best start is to check the logs on the Cisco switch/Netgear. I believe you have a syslog configured to offload it to an external server. If not, check on the Cisco CLI: show logging. Also give the command show terminal mon if you connect via SSH to the switch.