03-15-2008 11:48 PM - edited 03-05-2019 09:47 PM
When i do show interface on PIX 515E having version 7.0.2 i see the following out put
Received 40000 VLAN untagged packets
Forward 70000 VLAN untagged packets
Dropped 3000 VLAN untagged packets
Can any tell me which kind of drop this is?
03-16-2008 09:58 AM
Hello,
Need more information on your interface configuration and other end device connected to this interface.
The following link provides description for the above output ( "show interface" command )
http://www.cisco.com/en/US/docs/security/asa/asa70/command/reference/s.html#wp1509509
HTH
03-16-2008 12:28 PM
Hello i already see the above links but information is useless, it just inform the same what is in output.
firewall interface is connected to 2970 switch and switch port is an access port, there is no vlan configured on firewall port.
ask me what other information you need
03-16-2008 02:37 PM
Please provide output of
"show interface
03-17-2008 02:51 AM
03-17-2008 09:13 PM
Hello Muhammad,
Compared the bytes transmitted and received by both interfaces.It seems that description is dropped vlan packets is not indicative of correct packet drops as stated by following cosmetic bug
CSCeh81141
Dropped VLAN untagged packet
To observe where actually packets gets dropped use the command ""show asp drop""
HTH
Padmanabhan
03-18-2008 01:29 PM
Find the attached files, actually i am getting connection time out, some times not usually, my web server is on inside and it try to connect with a DB at outside 90% is success rate and 10% is failure ip address is as following
webserver 87.200.2.6
PG 195.229.85.91 destination port is 2443
see the syslog file
03-18-2008 02:57 PM
Hi,
The connection is established from outisde to this IP address on various ports and sometimes it Resets the connection request immediately whereas in some instances the application
closes the connection by sending FIN after few minutes.
The set of messages are well explained in the following link
http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html
show asp drop
http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/s2_72.html#wp1174636
There can be many reasons for the tcp packet drops.You can start with application configuration on 87.200.2.6 and who is initiating the connection.
Depending upon the observed time-frame and traffic pattern,this can be totally normal.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide