12-14-2009 10:36 AM
Hi, today we had a strange problem with one of our 5550. I was working via ASDM on it and suddenly I could not connect to it via asdm over the management interface or the inside interface. Nothing helped.
When I connected with a vpn and then use asdm it works. My ip on the network when it did not work was 1xx.xxx.81.235. When I use vpn it was a different ip 1xx.xxx.55.1. I can build (with vpn) an connection over the inside interface with asdm.
I tried to shut and no shut the man interface nothing helped.
Can it be that the asa things i am an intruder and dynamically blocks my netwerk range? If so where can I find this info.
Other users of our team had the same problem.
I also checked the syslog nothing.
thx,
Marc
Solved! Go to Solution.
12-14-2009 02:49 PM
Although I never experienced this myself, but if the running-config hasn't changed and worked before its possible that the ASA
may have shunned your connection??
From CLI do:
# sh shun
look if your IP address is present, if so do:
# clear shun
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/protect.html#wp1058270
More than likely this is do to a change made to the running-configuration, I would start by reviewing a previously working running-config with a the present running-config.
12-14-2009 02:49 PM
Although I never experienced this myself, but if the running-config hasn't changed and worked before its possible that the ASA
may have shunned your connection??
From CLI do:
# sh shun
look if your IP address is present, if so do:
# clear shun
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/protect.html#wp1058270
More than likely this is do to a change made to the running-configuration, I would start by reviewing a previously working running-config with a the present running-config.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide