I am seeing a lot of drops on the interface connected to the inside network. The sh int command reveals a lot of "switch ingress policy drops". What causes it and can be it be fixed?The ASA 5505 is running ver 7.24rgds,
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(10) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(87) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(3) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,626) -
Cisco Bugs
(54) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(149) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(45) -
Cisco Secure Firewall Management Center (FMC)
(236) -
Cisco Secure Firewall Threat Defense (FTD)
(285) -
Cisco Security Cloud Control
(16) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(20) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(46) -
Cloud
(1) -
Cloud Provisioning
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(32) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(14) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(264) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(37) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(4) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,580) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
IPv6 Configuration
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(324) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(94) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,594) -
NGIPS
(1,874) -
Online Tools and Resources
(1) -
Open Source and Open Standards
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Automation Analytics Topics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(5) -
Other Firewalls
(1) -
Other IP Telephony
(1) -
Other NAC
(18) -
Other Network
(2) -
Other Network Security Topics
(10,791) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(12) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(21) -
Policy and Access
(2) -
Prioritization
(3) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(9) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(4) -
Security Management
(645) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(5) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(29) -
VPN and AnyConnect
(1) -
Vulnerability Management
(46) -
WAN
(8) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Friends, I'm having a seriou problema on ASDM. When I open ASDM, the Real Time Log Viewer pane opens and starts to show the events (logs). Suddenly, it stops. I thought that after some seconds it would refresh the events because the tool name is "REA...
Hi,I wanted to implement IDS/IPS and Application Inspection Firewall on my network. I already search some IOS with firewall feature sets and it requires a lot of memory. But I am not sure if a 7206 NPE200 router would fit to my requirements in terms ...
CLT inspect esmtp - default = enabled for 7.2 and 8.0Master Command Reference Document = disabled for 7.2 and 8.0Anyone in production that can verify which one is indeed correct.Jim Abercromby CCNP
How can I get Wifi users to get password notification from Active Directory using VPN connection?
i have two 5505 ASAs connecting back to a central 5520 ASA via the easy vpn remote option. Each of the 5505s are on their own networks. How do i get network connectivity between the two remote sites? Thanks in advance.
I would like to know how I can reduce the about of ping reply a ASA can reply. I have a ASA 5520 and need to only let 4 ping reply in.
We have our Primary site and Backup site connected through varoius routers and a PIx at each site. From our Backup Site we can connect to the two Physical host servers of the SQL CLuster, But are unable to connect to the Virtual Address. After doing ...
I have an ASA running 8.0(4). I am attempting to use an object-group to consolidate the incoming access-list as their are several servers behind the asa running web servers.However, when specifying any as the source network (I even tried using 0.0.0....
Hi;i've installed the SSL gateway with anyconnect client.Everythink is working fine, many times logged in and working, and after a few minutes the SSL gateway cannot be reached.No error page, anything, just loading gateway page without result.When I ...
Resolved! FWSM Blocking FTP
I have a FWSM running 3.1.4 that has an outside and inside interface. There is a server 146.22.x.x on the outside that needs to ftp to 146.27.y.y The FW buffer log shows access-list outside is denying the traffic. I look at access-list outside and th...
No matter what I do I can't make outbound traceroute through my ASA 5500 work. I've followed Cisco's recommendations and those from fellow posters here for similarly reported problems, but still no luck. What I see is a request time out at each hop e...
Hello,We have a ASA5520 running asa804-28-k8 with 512mb of RAM. It uses about 300mb of memory constantly and I am wondering if thats OK or not.Also I read in this forum that disabling "Threat-Detection" will win back memory and does nothing to take a...
Hello,On our Ciso ASA we have the ASA-SSM-10 IPS module. It seem sto be in a state and the Cisco IPS Manager Express says it's not connected anymore. If I SSH/Telnet to it then I get the message:Error: Cannot communicate with mainApp (getVersion). Pl...
We have 2 Cisco ASA 5520 boxes setup - 1 is our live box and the otehr one is a failover. These have been setup and running for a while and were working ok. But we have noticed that if we make a config change on one of the boxes the other box also go...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 06-10-2026 08:08 PM | ||
| 05-26-2026 07:54 AM | ||
| 05-02-2026 06:09 AM | ||
| 04-30-2026 12:46 AM | ||
| 04-24-2026 07:04 AM |
New solutions
