Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2246
Views
0
Helpful
6
Replies

ASA 5505 keeps "going down"

philm
Level 1
Level 1

‎10-07-2009 08:33 AM - edited ‎03-06-2019 08:02 AM

I have a Cisco ASA 5505 for my internet gateway.

I do not have VPN setup.

Several times a day, the ASA 5505 "goes down", and users cannot get on the internet. After a short while, the router begins working again, almost as though it did a "reset" or something. Is there some log or some way to see what is causing the router to stop like that? I found the "firewall" monitor in the ASDM, and it shows spikes in the "syn attack" graph, but I have checked the computers that show in the "under attack" list and those computers don't have a virus or malware (from what I can tell)

What I would like to do, is make sure all "VPN" related stuff is removed from the config if possible to ensure that I am not being attacked that way.

Labels:
0 Helpful
6 Replies 6

philm
Level 1
Level 1

‎10-07-2009 08:42 AM

Also, is it possible to display the MAC address in the "ASDM Syslog Messages" screen?

0 Helpful

binhkdinh
Level 1
Level 1
In response to philm

‎10-07-2009 09:53 AM

Do you see the source IP & protocol/port of the attack on ASDM? If not, I think you should set up a syslog server to see where the "sync attack" is coming from. Then block the source and protocol/port on your ACL.

0 Helpful

nsn-amagruder
Level 5
Level 5

‎10-07-2009 10:40 AM

I had a bad power supply / brick a few weeks ago. TAC had to send a replacement. Do a show version and see the uptime. If it is rebooting, check the power source and get an RMA if you have smartnet. If not, try purchasing a new power brick.

0 Helpful

philm
Level 1
Level 1
In response to nsn-amagruder

‎10-09-2009 06:31 AM

Yesterday, it showed up time 19 hrs 40 mins.

Today, it shows 17hrs 53 mins uptime

I have not manually rebooted it. However, the internet has "gone down" on all traffic that passes through that router twice already this morning. So, it looks like I have two problems.

.

1. The router resets itself.

2. Traffic will not go through in or out at seemingly random times throughout the day. If the users just wait about 3 minutes, it comes back. When one user loses internet, it seems they all do.

0 Helpful

nsn-amagruder
Level 5
Level 5
In response to philm

‎10-09-2009 06:40 AM

Is it connected to a UPS and have you tried another power outlet?

If so, it is is a bad PS or bad power brick. Do you have smartnet maintenance? Open a case with TAC and get it RMA'd.

0 Helpful

philm
Level 1
Level 1
In response to nsn-amagruder

‎10-12-2009 12:14 PM

Yes, I have it connected to a battery backup. I also tried another power source.

It has quit a couple times today. When it did, I ran in and unplugged the inside network cable and plugged it back in real quick (because it was blinking really fast). As soon as I did that, internet works again.

When I did sh ver this morning, it had been up for 2 days and 19 hours. But now I see it has been hard reset because it says it is only up for 3 hours 59 min

Cisco arranged an RMA for me, still waiting on the new hardware to arrive.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card