Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
859
Views
0
Helpful
4
Replies

ASA5505 needs reboot almost every two weeks...help!

viper1284
Level 1
Level 1

‎10-16-2007 04:29 PM - edited ‎03-11-2019 04:26 AM

Hi,

I have an ASA5505 running IOS 7.2(3) and ASDM 5.2(3). About every 2 pr 3 weeks I have to reboot the ASA because it looses Internet connectivity. Once I reboot the ASA the Internet comes back. What could be causing that and how do I fix that? Any suggestions or help would be great!

Thanks!

Labels:
0 Helpful
4 Replies 4

cameron.moody
Level 1
Level 1

‎10-16-2007 05:07 PM

Hi,

Have you checked in the log for any errors? Also, I assume that your ASA isn't plugged directly into an ethernet based internet connection. Are there any errors or interface issues on the router that the ASA plugs into?

If there are cable errors on the router to the wan interface it is probably an issue for the telco to look.

Otherwise have you ruled out the router as being the issue by plugging a device directly into that and checked if the same issue occurs?

0 Helpful

viper1284
Level 1
Level 1
In response to cameron.moody

‎10-16-2007 05:40 PM

The ASA is directly connected to a cable modem. The logs do not show any errors.The Internet just drops. Once I reboot the ASA I can connect back to the Internet. Any suggestions where I can look?

0 Helpful

noran01
Level 3
Level 3

‎10-17-2007 05:43 AM

Since you are plugged into the cable modem I assume you are using dhcp to pull an ip address on your untrusted interface. If so, when you reboot are you getting a different IP address than you previously had?

If you have a static ip address from your cable provider i would examine the logs on the ASA. Before rebooting you should check the interface and see if it is currently in a down state and/or showing a lot of errors, or even try renewing the dhcp lease (if you are using dhcp) by going to into global config and issuing:

ip address outside dhcp [setroute] (use setroute if this will be your default route to the internet)

0 Helpful

Patrick Iseli
Level 7
Level 7
In response to noran01

‎10-17-2007 06:38 AM

Sounds to me like a bug with the connection table or a maybe a interface duplex issue.

This happends when sessions are not cleared in a correct timely manner and the state table is getting full. So no new connections are possible any more.

Check also in the output of a < show interface > if you see any error on the interface. If you have a duplex issue communications can get very slow or even stop working.

Type a < show conn > in the command line.

Have you considered to upgarding the ASA Firewall.

Contact the Cisco TAC and ask them for assistance to debug that problem.

They will need a output to a file from command line : < show tech >

Ressources :

http://www.cisco.com/en/US/products/ps6120/prod_tech_notes_list.html

Establish and Troubleshoot Connectivity through the Cisco Security Appliance :

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008009402f.shtml

sincerely

Patrick

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card