I currently have a problem where I have to constantly reboot my ASA whenever my cable modem reboots. The ISP (Pen Tele Data) is setup so that my ASA has to obtain its' static IP using dhcp (ip address dhcp setroute) on the outside interface. Now, I also have another location with a cable connection (Comcast) that does NOT experience the same problem. However, the difference is this ISP allows me to assign my static IP directly on my outside interface. What can I do so that I don't have to reboot my first ASA everytime modem reboots. Thanks.
First question would be why would the cable modem reboot so often that this would be a constant problem?
I have seen several similiar posts on the forums related to problems with cable modems.
I am not really sure what is happening with the cable modem and ASA when the modem has booted
Have you monitored the situation from both the ASA and the cable modem after the modem has booted?
Lately the ISP has been doing a lot of maintenance on their network, and they remotely power cycle the modem after they complete their changes. The reason this is an issue for me is because this remote site is 25 minutes away from our central office and there is no other IT support at this location. No, I haven't monitored anything yet.
So you are saying that the ASA facing this problem is a remote ASA considering where you work and when the cable modem reboots you have no means to get access to the ASA and have to go onsite to power cycle the ASA to enable connectivity again?
Does the ASA in question receive a public IP address directly from the ISP or is the cable modem providing a private IP address and doing NAT itself?
I guess this is probably a situation where it would really help if the ISP monitored and determined what is causing this problem. We very rarely deploy ASAs using DHCP and when we do they to my knowledge have never run into any problems
Also the ISP (where I work) use cable connections only for consumer use and the business customer connections we manage only use copper/fibre so I am not that sure if I a missing something that might be purely related to the cable modems and that type of connections in general.
Its a shame that the ASA doesnt support the same type of scripting that the Router side does. I imagine on the Cisco router you could actually configure a script on the device which would react to the situation where the device in front goes down and the router as a result would run certain commands to recover from the situation.
I cant really think of anything at the moment that could be done on the ASA side. I dont know what the chances are of getting someone at the ISP looking at this situation at the sametime when the cable modem has been booted? I would imagine that the DHCP requests/discover messages when the ASA is rebooted is what is needed to get the connections working. I would imagine that there is no change in the IP of the default gateway of the ASA or the MAC of the default gateway IP address that could cause the problem with connectivity. If it were then you could simply configure the ASA "arp timeout 60" which would timeout ARP table markings in 60 seconds.
Sorry for the delayed response. Yes, the modem is providing the private IP address, and the ISP is not willing to allow me to assign it directly to the ASA. Not sure what else to do on this one.