cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
337
Views
0
Helpful
2
Replies

Help with intermittent ASA 5510 problem

rweales01
Level 1
Level 1

Our network has been experiencing intermittent issues the last few days. At random times, the network becomes unstable, voip, citrix connections to servers, connections to the internet, vpn connections, etc;.

I started watching the logging on the ASA and saw that at random times the inside interface(which is also the default gw for the lan) would "flap", or go down and come back up 3-4 times very rapidly. It appears that this is what is causing the network instability. I haven't seen any other issues.

Our ISP (Verizon) ran diagnostics and said they just saw a larger than normal amount of utilization on our T1.

What could cause an internal interface on an ASA to behave like that?

2 Replies 2

johnd2310
Level 8
Level 8

hi

Capture the traffic that is hitting the internal interface. Also check all layer one between the asa internal interface and switch it connects to on the internal network.

Thanks

John

**Please rate posts you find helpful**

Ok, discovered the problem via the syslog entries:

"Received ARP response collision from xxx.xxx.xxx.xxx"

To make a long story short, a box had been assigned the same ip as the inside interface on the ASA. What is strange is that the interface would continue "flapping" even after the problem with the ip conflict was resolved. I cleared the ARP cache on the ASA and reset our switches and that seems to have corrected it.

My main concern is why would an interface behave like this simply because another device on the network also thought it was the same address?

Is this "normal" behavior for an ASA? It is running 7.2 firmware.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: