Showing results for 
Search instead for 
Did you mean: 

Firewall or ISP?


We have an ASA 5515 with dual ISP providers (Comcast & AT&T) set up. We have made no changes in regard to the Comcast interface nor the AT&T interface for about a year. All of sudden yesterday we were getting intermittent disconnects and reconnects (about 2-3 minutes up &5-10 minutes down) from our Comcast interfaces. Since there have been no changes made to firewall config and our Windstream connection was fine, I assumed it was on the ISP's end. They are telling me it's a firewall issue. I understand their reasoning however I'd like to get your opinion on the matter.

Here's the troubleshooting steps I've taken far; Comcast is saying everything is fine because if they take my public IP (ex; and set on another device like my laptop, everything works fine and does not drop, it's as soon as I plug it into the firewall when it starts dropping in/out. So, I double-checked everything NAT rules, ACL, route maps, etc. Everything looks fine and nothing's changed as expected. I went back to comcast, and they asked me to try another IP in the block, so I changed .100 to .101 and it worked perfect, no drops and consistent. But when I change back to .100 the disconnect issues immediately resume. I go back to comcast, and they tell me it must be a hardware issue with my firewall. I tell them that is highly unlikely as I have 2 firewalls stacked for failover and chances of both of them going out with the exact same issue is highly unlikely.  They are still sticking with the issue being on my end. So, I tried restoring my firewall to a known working date, and the exact same issue starts happening (note there have been almost no config changes for a year). 

Essentially this address will not hold a consistent connection, only on the firewall.  

I am at a loss at this point and go home for the night. The next morning, I come in and everything's working fine now with that address, again no config changes have been made for about a year. 4 hours after I left it the .100 address stabilized and has been up since then. This is great but I want to know why this happened to make sure it doesn't happen again or if the issue is even on my end. What do y'all think? I'm leaning more to layer 3 on ISP end now, but I'm not sure because of the laptop test.

16 Replies 16


  Probably anyone here already got in the situation of talk to an ISP, they deny any problem on their side and later on the problem is gone. They probably have found the problem after you complain but they will never tell you that someone there made some s***. 

 This is the standard all over the world.