From past few months, we keep getting Connection Timeout and Connection Failure error messages in our vendor application which connects to SQL Server 2005. Also Terminal Server 2003 keep disconnecting for every few hours.
After several days of troubleshooting, we come to know that this Cisco ASA 5500 is not working properly. When I access the ASDM, it shows several warning messages.
I know there is a setting option to configure TimeOut, but is there anyway to test and track the ASA 5500 regarding this Timeout issues?
I'm newbie to these kind of advanced firewalls. Any further help would be greatly appreciated. Thank you.
As you heard you can configure the time-out for the connections traversing your ASA ( using either the global time-out or the MPF option for the time-out) the thing is that some applications like ftp and SQL*Net use secondary flows so if you want to setup a connection time out for those applications you will need to use the global command.
You can refer to this document for some information:
Thanks for your prompt reply. I just come to know that (from our 3rd party IT) the ASA firewall is actually configured to create a dedicated VPN tunnel to a secure remote site (to our software vendor.) And we used EdgeMarc router as a main router to establish VPN tunnels to our locations. Since we (probably I) connected FiOS Internet directly to ASA, and then ASA to EdgeWater router, all traffic is going through ASA firewall which increases load and triggers timeout issues.
I will refer the link that you provided and let you know if we still encounter any issues or not. Thanks.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...