You might be able to use EEM

harryraju · ‎12-08-2014

Hi there

I'm not even sure if this is possible but hope someone can help me out if it is :) .

What I would like to do:

On a ASA 5505 (9.2(1)), i would like to do a shut and no shut of the outside interface every time out going traffic flow stops.

so if i was doing this manually, i would ping a public IP address (8.8.8.8 for example) every hour and if the ping fails, I would do a shut and a no shut on the outside interface. Is there a way to automate this process on the ASA?

The reason I would like to do this:

Currently we are having to reset the outside interface every time our ISP has an outage( and they have a lot of them). The root cause for this seems to be DHCP and ARP request and i'm working with the ISP to get this resolve. In the mean time, is there is a way to automate the above process, it will save me from going to the office in the middle of the night to reset the ASA.

Hopefully someone will have a solutions for this.

Thanks

michael o'nan · ‎12-08-2014

You might be able to use EEM scripting. I use one for clearing DHCP conflicts that looks like this:

event manager applet clear-dhcp-conflict
event timer watchdog time 43200
action 1.0 cli command "enable"
action 2.0 cli command "clear ip dhcp conflict *"
action 3.0 syslog msg "Cleared IP DHCP conflict log"

harryraju · ‎12-10-2014

Thanks Michael. Had a look at EEM but it doesn't give me any option to use a tracked object as an event so I don't think I'll be able to use EEM.

Configuring an interface reset