Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
254
Views
0
Helpful
1
Replies

ASA 5510 unknown subnet trying to ping inside

Lee Dress
Level 1
Level 1

‎03-14-2014 06:43 PM - edited ‎03-11-2019 08:56 PM

I have an ASA 5510 8.4(5) in one of my remote offices.  it's got a tunnel back to my main site.

the past 2 nights it crashed around 3:00 am and you couldn't do anything but power it off and back on again.

I noticed it was externally pingable, so I turned that off today.

 

One thing I am noticing in the ASDM logs that some addresses are trying to ping the inside interface.

I don't know the addresses though. they are not one of any of my subnets.

 

any idea how I can track that down?

3Mar 14 201421:33:11 192.168.110.20   

Denied ICMP type=9, code=0 from 192.168.110.20 on interface inside

 

3Mar 14 201421:32:47 192.168.110.100   Denied ICMP type=9, code=0 from 192.168.110.100 on interface inside

 

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎03-15-2014 08:14 AM

 

What does your inside gateway think about the reachability of that source subnet?

Do they have any remote access VPN setup? Those could be from a VPN pool of addresses.

If not, you'll have to do a capture of the actual packets to trace down the originating MAC address and trace it from there.

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card