Problems with QOS on ASA 5505

Unanswered Question
May 2nd, 2007
User Badges:

I am setting up asa 5505s for our home users. I setup everything and its working fine until I setup Qos. It will work for a couple of days but if you reboot the asa the easy vpn is disabled and it gives me some "disable aaa authentication" error when I try to re-enable it. I have to re-enter the "no aaa authentication" commands so I can enable the VPN again. Here are the commands I am using for this. Any ideas on why this is happening. (noobish)

http inside

http inside

no dhcpd enable inside

interface vlan1

ip address

dhcpd address inside

dhcpd enable inside

no aaa authentication listener http inside port www redirect

no aaa authentication listener https inside port 1443 redirect

no nat (inside) 0 access-list _vpnc_nwp_acl

vpnclient server ***.***.***.***

vpnclient mode network

vpnclient vpngroup ****** password ***********

vpnclient username ********* password *************

vpnclient enable

access-list 102 remark : Nortel Voice over IP Ports

access-list 102 extended permit udp any any eq 5000

access-list 102 extended permit udp any any eq 7000

access-list 102 extended permit udp any any range 28000 28255

access-list 103 remark : Nortel Server VoIP Packets

priority-queue inside

priority-queue outside

class-map Nortel_SERVER

match access-list 103

class-map Nortel_UDPPORTS

match access-list 102

class-map Nortel_VOIPPHONES

match dscp ef

policy-map VOIP_POLICY

class Nortel_UDPPORTS


class Nortel_SERVER


class Nortel_VOIPPHONES


service-policy VOIP_POLICY interface outside

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
brianadixon Fri, 05/04/2007 - 04:40
User Badges:

Thanks for the reply.... I get a Forbidden File or Application" when trying to go to that link.


This Discussion