11-28-2011 07:26 AM
Hello,
We've just deployed a site-to-site VPN using a 5505 ASA on the client's site and a Check Point Nokia FW on our site. Everything seems to be fine except that the users' connections to their file shares seem to be intermittently dropping. One minute the connection to the shares is there, next thing it's lost.
There is no logic to it because no two users are experiencing issues at the same time. As a matter of fact, even on the same PC where a user has access to 3 shares on 3 different servers, one could be showing as connected whereas the other two could be dropping.
Any idea where I can look to trouble-shoot such an issue?
I noticed the following on the uplink interface to the outside router:
Interface Ethernet0/0 "", is up, line protocol is up
Hardware is 88E6095, BW 100 Mbps, DLY 100 usec
Auto-Duplex(Half-duplex), Auto-Speed(100 Mbps)
Input flow control is unsupported, output flow control is unsupported
Available but not configured via nameif
MAC address 30e4.db30.15ed, MTU not set
IP address unassigned
15767971 packets input, 14500966317 bytes, 0 no buffer
Received 7 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 pause input, 0 resume input
0 L2 decode drops
133183 switch ingress policy drops
12874519 packets output, 3083603673 bytes, 0 underruns
0 pause output, 0 resume output
64568 output errors, 56659 collisions, 0 interface resets
0 late collisions, 35746 deferred
0 rate limit drops
0 switch egress policy drops
0 input reset drops, 0 output reset drops
As you can see, the Duplex and Speed are set to auto. I've rectified this since then and I'm keeping a close eye on the output errors and collisions. However, I'm afraid that this did not rectify the issue and the users are still experiencing intermittent connection dropping to their file shares over the VPN!
11-28-2011 08:39 AM
This is what I would do:
#1: hard-code both the 5005 and the switchport to 100/full. There is no reason to set it to auto/auto because these are 10/100 and not Gig ports.
#2: on the Nokia "internal" interface, run the following tcpdump command "tcpdump -s 0 -w /var/tmp/cifs.cap -nnni eth-sxpx host client_pc_IP_address and host servers_IP_address"
Use Wireshark to read the cifs.cap file if you're seeing a lot of transmissions or the MTU is ok.
Report back what you've found.
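One way to confirm that hard-coding speed and duplex actually stopped the collisions seen in the first post is to diff two "show interface" snapshots, since the counters are cumulative. This is an added example, not code from either poster; BEFORE is an excerpt of the output quoted above, AFTER is constructed, and the "Full-Duplex(Full-duplex)" line format is an assumption about how the hard-coded port is displayed.

```python
import re

COUNTERS = ("packets output", "output errors", "collisions",
            "late collisions", "deferred")

# Excerpt of the counters quoted in the thread (taken before the duplex change).
BEFORE = """\
Auto-Duplex(Half-duplex), Auto-Speed(100 Mbps)
12874519 packets output, 3083603673 bytes, 0 underruns
64568 output errors, 56659 collisions, 0 interface resets
0 late collisions, 35746 deferred
"""

# Constructed sample: a later snapshot after hard-coding 100/full.
AFTER = """\
Full-Duplex(Full-duplex), 100 Mbps(100 Mbps)
12990112 packets output, 3111704410 bytes, 0 underruns
64568 output errors, 56659 collisions, 0 interface resets
0 late collisions, 35746 deferred
"""

def parse(text):
    """Pull the duplex state and output-side counters out of the text."""
    stats = {}
    for name in COUNTERS:
        m = re.search(r"(\d+) " + re.escape(name) + r"\b", text)
        stats[name] = int(m.group(1)) if m else 0
    stats["half_duplex"] = bool(re.search(r"half-duplex", text, re.I))
    return stats

def compare(before, after):
    """Return (per-counter delta, findings) between two snapshots."""
    b, a = parse(before), parse(after)
    delta = {k: a[k] - b[k] for k in COUNTERS}
    if any(v < 0 for v in delta.values()):
        # Counters were cleared or the box reloaded: use the new totals.
        delta = {k: a[k] for k in COUNTERS}
    findings = []
    if a["half_duplex"]:
        findings.append("link is still running half-duplex")
    if delta["collisions"] > 0 or delta["deferred"] > 0:
        findings.append("collisions/deferred still incrementing")
    if delta["output errors"] > 0:
        findings.append("output errors still incrementing")
    return delta, findings

if __name__ == "__main__":
    print(compare(BEFORE, AFTER))
```

An empty findings list with a growing "packets output" delta means the duplex problem is gone at this interface and the share drops need to be chased in the capture instead.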