07-25-2011 06:54 PM - edited 03-11-2019 02:03 PM
Hi Guys,
Newbie here so please be patient. :O)
I have a server on a DMZ that provides a windows share to another server on the internal network. The server on the internal network checks the share every two minutes for files that may have been placed there by incoming ftp clients.
This typically works well with no issues but every so often the share becomes momentarily unavailable and the connection fails. The next two minutely run of the Share check works and all is normal again until the next failure.
I know that this issue is specific to the firewall as an equivalent share to a server on the private network works without error.
Anyway, the session failures occur approximately every hour but this is approximate only and there are failures at other times.
I checked the ASA firewall configuration and discovered the following timeout settings:
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 1:00:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
The 'timeout conn' value of one hour appeared to correlate with this issue and could, I thought, be the sort of thing that might be causing my problem, so I increased it to 24 hours but that didn't make any difference. I changed the timeout value by simply entering:
conf t
timeout conn 24:00:00 half-closed 1:00:00 udp 0:02:00 icmp 0:00:02
exit
Is this correct? Is there anything else that I need to do or do you think that this is not the root of my problem?
I've included some version information relating to the ASA software that may be useful.
Cisco Adaptive Security Appliance Software Version 8.0(3)
Device Manager Version 6.0(3)
Compiled on Tue 06-Nov-07 22:59 by builders
System image file is "disk0:/asa803-k8.bin"
Config file at boot was "startup-config"
Some more information...
If I check my active connections using the 'show conn' command, the idle time for the connection that I am having problems with never goes above 2 minutes. This correlates with my automated script that checks the share every two minutes.
This therefore doesn't appear to be an 'idle' timeout issue as the idle timer never goes beyond two minutes. Something else must be causing the problem.
Any advice appreciated...
Cossy
07-26-2011 12:06 AM
Hi Cossy,
What do the syslogs on the ASA say when the connection is torn down?
logging buffered 7
logging on
sh log
Let me know.
Regards,
Anu
07-26-2011 12:39 AM
Hi Anu,
Does this command generate significant overhead that may cause the firewall to hang?
Had a bad experience once with 'debug all'.
Also, are all three commands entered into the config or just the first two and the last is a command?
Thanks for your help.
Cossy
07-26-2011 03:37 AM
Hi Cossy,
No, this will not cause any significant issues unless you already have an issue with CPU, etc. The command "sh log" will show you all the syslogs collected. You need to enable syslogging using the first 2 commands.
Hope this is clear.
Regards,
Anu
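Added example, not part of the original thread: a short Python script that reads buffered `sh log` output and tallies why connections on the share port (TCP 445) were torn down. It assumes the ASA's `%ASA-6-302014` teardown message layout; the sample log lines, addresses and connection ids are constructed.

```python
import re
from collections import Counter

# Constructed sample of `sh log` output; addresses, ids and times are made up.
SAMPLE_LOG = """\
Jul 26 2011 09:00:01: %ASA-6-302013: Built outbound TCP connection 4101 for dmz:192.0.2.10/445 (192.0.2.10/445) to inside:10.0.0.5/49152 (10.0.0.5/49152)
Jul 26 2011 10:00:01: %ASA-6-302014: Teardown TCP connection 4101 for dmz:192.0.2.10/445 to inside:10.0.0.5/49152 duration 1:00:00 bytes 48213 Conn-timeout
Jul 26 2011 10:02:04: %ASA-6-302014: Teardown TCP connection 4188 for dmz:192.0.2.10/445 to inside:10.0.0.5/49160 duration 0:00:03 bytes 512 TCP FINs
Jul 26 2011 10:30:10: %ASA-6-302014: Teardown TCP connection 4200 for outside:198.51.100.7/40000 to dmz:192.0.2.10/21 duration 0:01:15 bytes 900 TCP FINs
Jul 26 2011 11:00:16: %ASA-6-302014: Teardown TCP connection 4190 for dmz:192.0.2.10/445 to inside:10.0.0.5/49161 duration 0:58:12 bytes 51002 TCP Reset-I
"""

# Assumed layout: Teardown TCP connection <id> for <if>:<ip>/<port>
# to <if>:<ip>/<port> duration <h:mm:ss> bytes <n> <reason>
TEARDOWN = re.compile(
    r"%ASA-6-302014: Teardown TCP connection (?P<id>\d+) "
    r"for (?P<if1>[^:\s]+):(?P<ip1>[^/\s]+)/(?P<port1>\d+) "
    r"to (?P<if2>[^:\s]+):(?P<ip2>[^/\s]+)/(?P<port2>\d+) "
    r"duration (?P<dur>\d+:\d\d:\d\d) bytes (?P<bytes>\d+)\s*(?P<reason>.*)$"
)

def parse_teardowns(log_text, port=445):
    """Return one dict per teardown record where either endpoint uses `port`."""
    records = []
    for line in log_text.splitlines():
        m = TEARDOWN.search(line)
        if not m:
            continue  # not a TCP teardown message (e.g. 302013 "Built")
        rec = m.groupdict()
        if port not in (int(rec["port1"]), int(rec["port2"])):
            continue  # some other service, e.g. the FTP control channel
        h, mi, s = map(int, rec["dur"].split(":"))
        rec["seconds"] = h * 3600 + mi * 60 + s
        rec["reason"] = rec["reason"].strip() or "(none given)"
        records.append(rec)
    return records

def summarize(records):
    """Count teardown reasons so a recurring cause stands out."""
    return Counter(r["reason"] for r in records)

if __name__ == "__main__":
    recs = parse_teardowns(SAMPLE_LOG)
    for r in recs:
        print(r["id"], r["dur"], r["bytes"], r["reason"])
    print(dict(summarize(recs)))
```

The reason field and the connection duration together show whether the firewall timed the connection out or one of the endpoints closed or reset it.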
07-26-2011 07:45 AM
Hi Anu,
I've circumvented this problem by mounting and unmounting the share every time my script runs.
I do appreciate your help so thanks anyway.
Cossy