Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
461
Views
0
Helpful
4
Replies

Problem With ASA-5505

robert.mccarter
Level 1
Level 1

‎05-26-2010 11:35 AM - edited ‎03-11-2019 10:51 AM

Hello,

I have about 30 ASA 5505 firewalls.  I am using them to remotely connect to my Allen Bradley PLCs.  I use ports 2222 and 44818 to connect to the PLC's from different devices.  The problem I am having is that sometimes one of the ports will stop responding.  More often than not it is the 44818.  To remedy the issue, I remotely connect to the firewall and perform and immediate system reload.  After the firewall comes back up, everything works normally.

There is no definite time period that this problem occurs and it does not occur equally across all of the firewalls.

Is this a known issue or is there some sort of resolution?

Thank you,

Robert

Labels:
0 Helpful
4 Replies 4

Panos Kampanakis
Cisco Employee
Cisco Employee

‎05-26-2010 11:46 AM

Issues like this usually relate to xlates.

I would start by checking the connnections ("sh conn det | i ") and xlates ("sh xlate deb | i ") for the host that is not working.

Also, check if clear local fixes the issue also or not just a reload (would mean it is not an xlate or conn issue).

PK

0 Helpful

Federico Coto Fajardo
VIP Alumni
VIP Alumni
In response to Panos Kampanakis

‎05-26-2010 11:51 AM

Just to add....

If you have the port open it should work everytime... so another thing that you can do is check the logs to see what kind of message you get when the connection fails and also run a packet tracer test when it fails (before reloading the device).

Federico.

0 Helpful

robert.mccarter
Level 1
Level 1
In response to Federico Coto Fajardo

‎05-26-2010 02:04 PM

I had a unit that had quit responding today.  I issued the "clear local" command and that cleared the issue.

Does that shed any light on the issue?

Thank you,

Robert

0 Helpful

Panos Kampanakis
Cisco Employee
Cisco Employee
In response to robert.mccarter

‎05-26-2010 02:22 PM

It is likely a bogus xlate.

You need to check the conns and xlates as suggested.

PK

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card