I have an ASA5505 where vlan1 (inside) and all associated ports (e0/1 - e0/7) are down. Workstations on vlan 1 are online and working. Vlan2 (outside) is up and running normally. I tried to shut/no shut on the vlan. I also rebooted the firewall. No change.
Can someone tell me why vlan1 is down?? I've attached some config info and some troubleshooting.
How exactly are you connecting via remote desktop? Through the ASA from outside to inside? Or through the inside VLAN 1 switchports (e0/1 - 7) on the ASA? Or are you connecting through a different device?
Can you give a screenshot of one of these working PCs pinging VLAN 1 (172.29.x.x)?
I just find it very odd that these devices are communicated over interfaces which are showing down/down. I could not find any bugs which describe this issue.
Found the problem. I worked with TAC a couple weeks ago to fix 8.2.4 to 8.4 upgrade problems on the HQ ASA. The 5505 discussed above is one of a few that VPN into the HQ ASA. While working with TAC i noticed a NAT statement that didn't seem right but at the time (3AM after hours of troubleshooting) i didn't press the issue. Here is the statement:
Original Packet Source = HQ LAN network
Destination = Remote office A network
Translate Destination = Remote office B network
Original Packet Source = Remote office B network
Destination = HQ LAN network
Translate Source = Remote office A network
When connecting the 5505 (described above) via ASDM from the HQ LAN, I was not connecting to the 5505 i expected... thus the confusion. I removed the NAT statement and the devices act as they should.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :