Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Ping break between ASA & Router (directly connected via ethernet)


we have the following setup for our network :

UserNetwork - ASA5550 - WAN Router 2911 - ISP Netowrk - Branch Routers 877s / 1941s

Since last week we started noticing this problem that the branch users started to complain of slow application response.. After verifying it with the ISP and middle network we noticed that if i ping from my machine (ie usernetwork) to the WAN Router interface (facing the ASA) , i get time outs..  which is strange cause this is directly connected to it via ethernet cable.

anyone has any idea why this is happning or what should i check first.



Everyone's tags (1)

Ping break between ASA & Router (directly connected via ethernet


First establish where the drops are

Ping the inside interface of the ASA

Do you get the same results ?

Ping from the ASA to the WAN router and to the usernetwork

Do you get drops on either side ?

check the interfaces on both the WAN and the ASA and any switches on the way.

any errors or other problems ?

any tight sectors considering the network traffic, fx saturation or QoS ?

check the cabeling so that there are no loose cables.

exchange the cable inbetween the ASA and WAN.

Good luck

Hope This  Helps

New Member

Ping break between ASA & Router (directly connected via ethernet

Hi hobbe,

1) Inside works fine because ive had ping from my desktop to the ASA's inside itnerface without any problem.

2) I get packet drop when i execute ping from the ASA to the WAN i get packet drops 97% success rate.

3) They are directly connected no switches in between.

4) WAN interface has only policy based routing no other QoS implements. The traffic is also the usual as ever so that shouldnt be a problem.

interface Vlan2    > mapped to FE 0/0/0

description To Firewall

ip address

ip nbar protocol-discovery

ip flow ingress

ip virtual-reassembly

ip policy route-map dr-traffic

5) I will be changing the cable in an hour or so cause its a production network and need to get approvals.

I need to clarify this first before i move on the link between WAN router and branches (if the slow application response problem remains)

thanks for the help, any specif commans that i could possibly run on the WAN router.   right now i have loggin enabled and term mon on . the syslog server is also not getting anything ..  

for the debug i have debug ethernet-interface on and  debut inereface fe 0/0/0 & vlan 2  on   but not getting anything.


Ping break between ASA & Router (directly connected via ethernet


Are you doing NAT on the ASA? Have you got any ACL or firewall config on the WAN router ?



Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
New Member

Ping break between ASA & Router (directly connected via ethernet

noops all routed mode.. cean simple configs.. and this started happning 2 days back.. nothing else was cha


New Member

Ping break between ASA & Router (directly connected via ethernet

do you always have these timeouts?

asking because i know on some devices the ping is not prioritized, meaning if the router is really busy with other stuff, e.g. routing, it just neglects some kind of traffic, e.g. ping requests.

what is the connection between the branch and the HQ? vpn?

what are the responses, if you ping from the branch the dest. server, or the router or asa?