cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
350
Views
0
Helpful
3
Replies

ASA5505 firewall -- strange behavior

ernestexpress
Level 1
Level 1

                   We have a asa5505 firewall at work and have a port to ssh which my software developer can log into with putty only during non busy times when we are running our business in the day he can not log in. After work he can get logged in.

But it gets stranger. He was another site he works at and he can get logged in from that site anytime even when his site does not let him log in.

We are clueless as to what is going on here.

We configure I think it is a NAT to map a port coming in from the outside to ssh on our inside network and I have tried it from my home and it works just fine.

What would cause his site to be so squirrely

Also we have not updated the firmware on the asa5505 for a long long time and I see that cisco is not going to support it anymore

what new product would any of you recommend to replace the ASA5505 with

Ernest Strother

Express Industries

1 Accepted Solution

Accepted Solutions

jocamare
Level 4
Level 4

Can you attach the configuration of the unit to the thread?

When he wants to connect during business hours but can't, is he even able to get the login prompt?

I'm thinking about time-ranges and management over VPN. Need config to confirm.

You still have more than 4 years of support for the unit, but if you want to replace it, i guess i would go with the 5515-X since there is no replacement for this firewall in the new 5500-X family.

The 5515-X is more like a 5510 though, it's the "closest" you will get i guess.

View solution in original post

3 Replies 3

jocamare
Level 4
Level 4

Can you attach the configuration of the unit to the thread?

When he wants to connect during business hours but can't, is he even able to get the login prompt?

I'm thinking about time-ranges and management over VPN. Need config to confirm.

You still have more than 4 years of support for the unit, but if you want to replace it, i guess i would go with the 5515-X since there is no replacement for this firewall in the new 5500-X family.

The 5515-X is more like a 5510 though, it's the "closest" you will get i guess.

yes jocamare you are right the configuration was blocking the connection but it was the firewall on our programmer's side not our firewall that was blocking him from connecting during business hours

thanks for pointing us in the right direction

Julio Carvajal
VIP Alumni
VIP Alumni

Hello Ernest,

I would help but man I could not understand what you mean,

Sorry

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: