Help with intermittent ASA 5510 problem

Unanswered Question
Mar 18th, 2008

Our network has been experiencing intermittent issues the last few days. At random times, the network becomes unstable, voip, citrix connections to servers, connections to the internet, vpn connections, etc;.

I started watching the logging on the ASA and saw that at random times the inside interface(which is also the default gw for the lan) would "flap", or go down and come back up 3-4 times very rapidly. It appears that this is what is causing the network instability. I haven't seen any other issues.

Our ISP (Verizon) ran diagnostics and said they just saw a larger than normal amount of utilization on our T1.

What could cause an internal interface on an ASA to behave like that?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
johnd2310 Tue, 03/18/2008 - 13:10

hi

Capture the traffic that is hitting the internal interface. Also check all layer one between the asa internal interface and switch it connects to on the internal network.

Thanks

John

rweales01 Wed, 03/19/2008 - 11:25

Ok, discovered the problem via the syslog entries:

"Received ARP response collision from xxx.xxx.xxx.xxx"

To make a long story short, a box had been assigned the same ip as the inside interface on the ASA. What is strange is that the interface would continue "flapping" even after the problem with the ip conflict was resolved. I cleared the ARP cache on the ASA and reset our switches and that seems to have corrected it.

My main concern is why would an interface behave like this simply because another device on the network also thought it was the same address?

Is this "normal" behavior for an ASA? It is running 7.2 firmware.

Actions

This Discussion