Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1105
Views
10
Helpful
7
Replies

Internet performace issue

Go to solution
mze
Level 1
Level 1

‎04-19-2022 08:42 AM - edited ‎05-02-2022 03:30 AM

Short term internet problem

 

1 Accepted Solution

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP

‎04-20-2022 12:44 PM

First step in troubleshooting check ACL/NAT and Out interface 

asa# packet-tracer input Interface  tcp x.x.x.x 12345 y.y.y.y 80 detail 

do packet-tracer elect the interface and x.x.x.x and y.y.y.y to check the traffic if it pass use PBR or pass use default route.

For example 

access-list VRF01_To_ServiceProvider2 extended permit ip object-group VRF01_VLANS any<- use the VRF01_VLANS to specify the x.x.x.x and y.y.y.y will be any ip.


interface is VRF01-ASA-HANDOFF 

 

we must get the Out interface is which we config in PBR.

View solution in original post

7 Replies 7

Go to solution
marce1000
VIP
VIP

‎04-19-2022 09:02 AM

 

 - You may find this document useful : https://techbloc.net/archives/1082

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Go to solution
MHM Cisco World
VIP
VIP

‎04-19-2022 09:17 AM - edited ‎04-19-2022 11:33 AM

ASA with PBR ? that meaning you have dual ISP connect to ASA ? 
can I see the config of PBR and if you use IP SLA also please can I see the config of IP SLA ?

Are the traffic is UDP ? if Yes try floating-timeout command 

0 Helpful

Go to solution
mze
Level 1
Level 1
In response to MHM Cisco World

‎04-20-2022 04:53 AM - edited ‎05-02-2022 03:31 AM

Thanks for reply

0 Helpful

Go to solution
marce1000
VIP
VIP
In response to mze

‎04-20-2022 09:22 AM

 

   - FYI : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCux86596

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Go to solution
mze
Level 1
Level 1
In response to marce1000

‎04-20-2022 12:20 PM

Its using the version 9.13(1) so doesnt seems to be this bug causing the issue . 

0 Helpful

Go to solution
marce1000
VIP
VIP
In response to mze

‎04-20-2022 09:51 PM

 

 - Can't be sure of that - from bug report -> Known Fixed Releases (0

  M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Go to solution
MHM Cisco World
VIP
VIP

‎04-20-2022 12:44 PM

First step in troubleshooting check ACL/NAT and Out interface 

asa# packet-tracer input Interface  tcp x.x.x.x 12345 y.y.y.y 80 detail 

do packet-tracer elect the interface and x.x.x.x and y.y.y.y to check the traffic if it pass use PBR or pass use default route.

For example 

access-list VRF01_To_ServiceProvider2 extended permit ip object-group VRF01_VLANS any<- use the VRF01_VLANS to specify the x.x.x.x and y.y.y.y will be any ip.


interface is VRF01-ASA-HANDOFF 

 

we must get the Out interface is which we config in PBR.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card