When you say that you lost your connection, what network were you on, and which interface were you trying to connect and ping to? Is this through your split-tunneled VPN or the insideTGHQ interface? (I'm assuming VPN)
One thing that looks wrong off of the bat is your second route statement. I may be wrong, but I believe that should be a route on your insideTGHQ interface instead of the outside interface.
With a little more info this should be pretty easy to solve.
I lost connection moments after applying a new NAT rule, this was during the write mem stage, the ASDM hung for at least 3-4 mins timed out then shut down. The network interface i was connected to was Ethernet 0/3 Inside TGHQ ( office network) ip: 10.103.30.254. After losing connection i tried to ping this interface also tried to Telnet to this ip, all with no success. The site to site IPSec Tunnel is running fine and was not affected.
The 2nd route statement ive checked and looks ok, can you explain?
What is bothering me about that second route statement is this: The insideTGDR network is 10.104.0.0/16, and the existing route statement tells the ASA that any traffic destined for that network should go to the outside interface, but the next hop specified in that statement is the ASA insideTGHQ interface address. I am assuming that 10.104.0.0/16 neds to be routed through the inside interface instead, so instead of the following statement:
If I am wrong and this network actually exists on the outside interface, then the next hop needs to be changed to that of the outside interface.
Now, that being said, you lost your connectivity under very odd circumstances. If the NAT statement that you aded was to blame, you would have lost your connection the instant that you hit 'enter' on that command, not when you did a write mem.
I would check the route statement again, and also check the status of Eth0/3 to make sure that it is up. Version 8 software on the 5510 allows you to run the first two interfaces (Eth0/0 and Eth0/1) at Gigabit speed while the last two will only run at 100Mbps. It is generally a best practice to force your ASA ports to whatever speed and duplex you want, and not allow them to negotiate.
You may also want to upgrade to the latest version of software for the 5510. I would suggest 8.2(5) as any version after this and the command set changes as does the way that the ASA's perform certain functions, such as NAT. I would suggest you play around with any later version on a lab box for a while to get used to it before putting it in production.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...