06-03-2021 05:05 AM
Hello,
I have two ASA(5510 and 5505) that are connected with S2S VPN.
The branch sends all the traffic to the VPN.
They have recently changed internet provider.
The thing is that the traffic passes through VPN.
There is a server application in the main site that takes backup a server in the branch side. The backup operation does not succeed, but if they put a route to the backup VPN it passes fine to the backup VPN
In the firewall I take a capture and I see the flows, but I get some resets from the branch site. Also I see timeouts in the logs.
From the application side they do not see anything, just communication issues.
From the provider they have checked the line and it is ok.
I change also the tcpmss to a smaller value, but I did not any change.
Any thoughts?
Thanks and regards,
Konstantinos
06-03-2021 02:53 PM
Are there any IP changes? check any IP address listed in the Server-side to access any rules ?
can you post the example flows to understand the issue, is the server able to see the request? is this Wireshark captured on server see what is happening, since you mentioned 2 points here - ISP changed, and passing VPN side.
06-09-2021 10:18 PM
After a reload of the ASA it worked as it should..
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide