Good idea.....do I need to enable my logs to show ip and timeouts?

It seems mainly the only thing I see now in my logs is built dynamic TCP translation from to or  Built outsidet TCP connection from and to or Teardown dynamic UDP translation from and to....

Then there is also some deny inbound udp from and to stuff...

OK, the denies for the UDP could relate to NFS (file sharing). Check if they relate to your hosts and why they are denied.

PK

It appears PC#2 (my pc) can ping the PC#1 (pc with shared drive) but PC#1 can't ping PC#2...

let me locate the udp denial stuff....

Hello Toddy,

Where is PC1 located and what is its secuirty level, where is PC2 located and what is its security level. Is it just NFS that is not working? You mention that it works but then it stops is that correct?

Mike

Hey Mike -

PC#1 and PC#2 are both connected to the Inside interface of the ASA 5510....so both security levels would be 100....

PC#1 shares 1 folder that contains files that all staff use.......However that file is not accessible.  PC#1 can access the internet and can print to the network printer.

yes if i restart pc#1 pc#2 will be able to access the shared folder......however after some timeframe that access will end......Lastnight it all worked for hours, now this morning it only worked for 10 minutes.......

It seems to be either a time thing or a number of uses that connect at once......or something completely else.....

Thanks!

The traffic hitting the inside is classified as inbound.

What is the inside security level? And what is the security level of the destination? Pease do a sanity check on them.

PK

pkampana wrote:
The traffic hitting the inside is classified as inbound. 
What is the inside security level? And what is the security level of the destination? Pease do a sanity check on them.
PK

inside security level is 100.

security level of the desination - 100

Because both pc's are on the inside network......

not sure how or what the sanity check is......sorry I'm a cisco(firewall) newbie....

Thanks for your help!

Hello Toddy

Are they on the same subnet? Or different subnets? Let me know.

Mike

Yes they are both on the same subnet...

Hello Toddy,

Well in that case the ASA is not going to participate on the communication between these two host. The only thing that can be messing this up would be a proxy arp.

When you try to ping the host 2 where the Shared drive is, does it work? If not can you do an arp -a on the cmd of your PC, grab the MAC address and compare it to the PC 2 MAC address?

Let me know.

Mike

pc1 192.168.10.18 - has the shared drive

pc2 192.168.10.12 - my pc

I cand ping pc1 from pc2  (100% success)

I can not ping pc2 from pc1 (0% success)

Hello,

As Mike suggested above, check the ARP tables on both PC1 and and PC2 after you ping both ways. Make sure that the MAC addresses are correct on both. It sounds like the MAC address learned for PC2 in PC1's ARP table might be incorrect.

Also, double check any host-based firewalls on these PCs if you haven't already.

Hope that helps.

-Mike

Oddly enough for the last couple days everything was good.....now within the last 2 hours it has not been good.....I have had to restart pc-1 a couple times to be able to access the shared drive....

SO I think you are right that the mac address are staying the same.....

It appears to that PC-1 (which has the shared drive)  and the other PC in the office are loosing/changing their mac addresses......I honestly think it is PC-1 that is making the change.  IF I restart PC-1 all is good.....but for whatever reason it seems to randomly switch....

What can I do so it does not do this???  And what could cause this?

Thanks.