Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
309
Views
0
Helpful
2
Replies

ASA5520 stops forwarding, or what ?

pbuch
Level 1
Level 1

‎04-20-2006 09:45 AM - edited ‎03-09-2019 02:40 PM

I have an customer with an ASA5520, 100Mbit internet and 4000 pc's.

A couple of times each day, tha ASA stops forwarding packets. Its still alive, and i can access it from outside. From inside it looks dead.

Sometimes just removing end reinserting the cable in the inside interface can start it again. Other times only an reboot helps.

Thi inside is connected to an HP5300 switch, both ports fixed at 100Mbit fd.

HELP !! i am running out of ideas.

Nothing special in the syslog, nothing special from the ssm module. Last message on the ASDM log is "connection to syslog server lost.

Syslogging are udp.

Per Buch

Xiting

Labels:
0 Helpful
2 Replies 2

jeffrey.c
Level 1
Level 1

‎04-20-2006 12:58 PM

Hi,

Maybe you should try sniffing the internal network to check for traffic, like to host or protocol.

I have a case where the internal server keeps sending ARP flood. It slow down the network.

0 Helpful

pbuch
Level 1
Level 1
In response to jeffrey.c

‎04-20-2006 09:02 PM

Hi

We are sniffing the internal network, can't find anything special there. The network is not slowing down, its the internetconnection thats going down.

The traffic goes from 40-50 mbit/s to 0.

Connections goes from around 100/s to 0.

The IPS repports a lot of "tcp syn" but most of them looks like false positives.

There are times where the number of udp connections suddenly rises to around 200/s, but i cant se what is causing it.

Could it be default gateway spoofing ?

Would that explain this behavior ?

Per Buch

0 Helpful
Customers Also Viewed These Support Documents