12-27-2013 07:05 AM - edited 03-07-2019 05:16 PM
Simple network
ASA 5505 connected to 2911 Router connected to a 3560 switch.
Access to the internet is working.
Access to the router from outside is set.
Access to the computer inside the network is working and IP is being handed out by the router.
Can't access the router IP address (Either SSH or Telent), ping works about 35% of the time. Was working yesterday.
I've rebooted the router. Rebooted the computer. Rebooted the firewall.
Any thoughts?
12-27-2013 07:09 AM
Can you console into the router? You may have exhausted the amount of lines with other telnet sessions and they've locked the terminal. If you can console into it, try "show users" and see if there are any active connections. If so, clear them with "clear line vty
Ping is another thing. Is there a lot of traffic on the network right now? Generally, this can be an indication of a storm or loop in your network somewhere.
HTH,
John
*** Please rate all useful posts ***
12-27-2013 07:12 AM
Thanks John
I considered that I may had used too many connections and they weren't clearing so I had the person on site reboot the unit.
Didn't help.
I'm not physically near the site and I don't have console connection there. Might have to work out a way though.
12-27-2013 07:15 AM
How are you pinging it? Are you pinging locally or from remote?
HTH,
John
*** Please rate all useful posts ***
12-27-2013 07:18 AM
Pinging from the firewall as well as the computer inside. Inside barely gets a response. The firewall gets between 10-40% responses.
ping 10.2.18.1 repeat 100 from the firewall.
12-27-2013 07:24 AM
Is there anything between the fw and router? When did this start? Can you ping the firewall fine from a computer connected to the switch?
I'm assuming your connection is like:
Router ---- FW ---- 3560 ---- host
If so, try having someone ping from their host to the fw lan interface. If that's good, and the problem just started happening, you could have a bad cable, interface on router, etc.
HTH,
John
*** Please rate all useful posts ***
12-27-2013 07:54 AM
Cable Modem ----- Firewall -------- Router ------- Switch ------- Computer
Firewall is accessible from inside and outside of network.
Computer I'm logged into using Teamviewer.
Can't hit the switch or the firewall.
Suggested there might be an IP conflict. So I'm locking the inside computer to one IP out of the scope. Still weird I can't get to the router from the firewall.
Worked yesterday to get a GRE tunnel working on the router and an IPSEC connection on the firewall. Had an issue with flapping EIGRP routing so I removed the IPSEC from both sides and the GRE from the far end. But I did this *after* I couldn't get into the router.
Kevin
12-27-2013 01:41 PM
Got back into the unit finally. Logging had been left on and there was a storm of EIGRP failures. Must have been tanking the CPU cycles.
All stable now. Rebuild will proceed shortly.
Thanks for you helpful suggestions John
12-27-2013 02:01 PM
That'll do it Glad to hear you found out what the issue was!
HTH,
John
*** Please rate all useful posts ***
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide