cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
637
Views
5
Helpful
4
Replies
it
Beginner
Beginner

FW interface internet access

Hello,

 

I have an issue with our ASA 5516 FW. 

Suddenly, when all worked just fine and with no config change, we lost access to the internet for one interface only. Other interfaces using the same outside interface have no problem.

 

The weird thing is that the site to site vpn on this specific interface works! 

What could be the cause of this issue?

 

Thank you,

  

4 REPLIES 4
balaji.bandi
VIP Expert

you need to check the Logs and provide any information which can help to think what is wrong.

 

Still you do not see anything wrong on the logs, generate a show tech and raise an TAC to investigate for you.

 



BB


*** Rate All Helpful Responses ***

Josue Brenes
Cisco Employee

Hi, 

 

It could be a NAT/PAT missing, coming from that interface and taking the outside interface as a way out.

 

It makes sense that the VPN continues to work since the VPN does not need a NAT to work properly, it is always bypassed with a NAT-exemption or just not configuring any NAT on that interface. 

 

If the PAT missing is not the issue, we would need to take a look at the config of the ASA. 

 

Rate if it helps.

 

Regards,

Josue Brenes

TAC - VPN Engineer.

Yes, but this may happen. 

 

it's been a while now that all traffic to the internet worked fine.

then suddenly traffic stops. all site to site vpn continue to work.

 

 in case it is a nat / pat issue, should't this happen all the time?

Hi,

Try to understand some limitations, we can't comment without any logs or details. Because I don't know what is happing. 

Share ASA logs, and configurtion. 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
Content for Community-Ad