IBM tivoli TSM backup keep dropping over a ASA 5510 firewall
I have a fairly standard configuration on a ASA 5510 with 8.4(7) software.
One windows server 2008 R2 on the inside attempt to make a backup of its MSSQL database to a offsite backup vendor, but when it goes over the firewall it keeps dropping the connection at a random time after the start.
I Windows server can complete its backup if its assiged a public IP and is connected directly to the internet.
I have tried about everything to prevent timeouts for the connection. I have applied a policymap:
policy-map tsm-conns class tsm-traffic set connection timeout embryonic 0:00:00 half-closed 0:00:00 idle 0:00:00 set connection advanced-options tcp-state-bypass
and I have adjusted the nat/pat timeout:
timeout xlate 8:00:00 timeout pat-xlate 0:05:00
The TSM client gives a "AC00151E Errors occurred while processing the request".
There is no indication of any oddities in the log on the firewall and on TSM server (offsite).
The only thing that is not standard on the firewall is that the inside and outside interface have the same security level and it have the two "same-security-traffic" enabled. But as far as I can tell this should not cause this behavior.
I am running out of idear to how this issue arise, so I would appriciate any input.
Threat Response integrates with Cisco's Web Security Appliance (WSA) to provide visibility into web-bourne threats. By adding a Web Security or SMA Web module to Threat Response, investigators will be able to search for domains, URLs, and file hashes th...
I was helping some friends and they were trying to solve a scalable VPN issues, specially these days with the pandemic situation.
I recommended to implement ASA VPN Load-Balancing.
This will allow to keep 1 FQDN for all RA-VPN users an...
Purpose of this article is to share our experience during that Covid-19 period where we were able to successfully setup a VPN configuration for remote worker using Alcatel 8068S phones with FTD 2110 running 220.127.116.11.I would like to thank all of my colleagu...
For additional advanced ISE related Tips, please visit Advanced ISE tips to make your deployment easier document
Downloadable URL-Redirect ACL with ISE
If you have ever configured central web authentication with ISE you understand that it requires...
Cisco Defense Orchestrator (CDO) is a cloud-based multi-device manager that can manage security products like the Adaptive Security Appliance (ASA), the Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.&nb...