Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
522
Views
0
Helpful
5
Replies

Weird ASA issue

Rick Twells
Level 1
Level 1

‎10-04-2012 03:05 PM - edited ‎03-11-2019 05:04 PM

Hi,

Wondering if anyone else has seen the following issue... We has 2 5520 ASA's running 8.4(3) HA in routied mode with 2 contexts and randomly after weeks and weeks of running perfectly it decied to stop dealing with new connections from new hosts.  exisiting hosts seemed to be unaffected if we killed those connections the working hosts stopped and were unable to reestablish connecvity.

Some of the things we tried (and failed) to fix the issue:

clear arp

clear xlate

i checked routing end to end and found no issue, no-one was on the asa at the time or changed any infrastructure inbetween.  i did want to clear the connections but was told to give it the old IT favorite (reboot) before.

Ive googled and searched here but cant find anything to match what we experienced. 

The logs from the time pretty much said deny to everything but with a rule base of any any on every interface. config is attached if it helps

Thanks

Rick

Labels:
136288-ASA running config.txt.zip
0 Helpful
5 Replies 5

Julio Carvajal
VIP Alumni
VIP Alumni

‎10-04-2012 03:48 PM

Hello Rick,

Interesting.... Have you rebooted it already?

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Rick Twells
Level 1
Level 1
In response to Julio Carvajal

‎10-04-2012 04:19 PM

Hi Julio,

Unfortunatly yes i have and it did resolve the issue for us.

Thanks

Rick

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni
In response to Rick Twells

‎10-04-2012 04:56 PM

Hello Rick,

Yes, I have one similar issue like that long time ago ( different version, not multiple context) where all the packets where all the packets where getting denied by a mystic ACL ( non existent ). Customer rebooted the ASA during the investigation and that solved.

It looks like the some of the processes of the ASA got stuck  ( in this case the ACL filtering mechanism)

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Rick Twells
Level 1
Level 1
In response to Julio Carvajal

‎10-04-2012 05:00 PM

was it a bug or just one of those "solar flare" kind of explanations

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni
In response to Rick Twells

‎10-04-2012 05:11 PM

Hello Rick,

As they rebooted the device, we could not investigated.

But we let the case open for 2 more weeks on that case so it looks like  "solar flare" is the desicion.

Regards,

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card