Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA crashed!!!!!

can someone help please!!!  My ASA 5510 just stopped working. It will not connect to the Internet. I could ping the DNS and the interfaces but could not get to the Internet. When I connect my Laptop to the ISP router it works finehere is the configuration

: Saved

:

ASA Version 8.0(3)

!

hostname ******

domain-name ********

enable password m/TMGLxcraOUG46C encrypted

names

name 10.0.10.4 Server description Exchange Server

!

interface Ethernet0/0

nameif Inside

security-level 100

ip address 10.0.10.253 255.255.255.0

!

interface Ethernet0/1

nameif Guest

security-level 50

ip address 10.0.2.254 255.255.255.0

!

interface Ethernet0/2

nameif Outside

security-level 0

ip address 87.85.201.99 255.255.255.248

!

interface Ethernet0/3

shutdown

no nameif

no security-level

no ip address

!

interface Management0/0

nameif management

security-level 100

ip address 192.168.1.1 255.255.255.0

management-only

!

passwd 2KFQnbNIdI.2KYOU encrypted

ftp mode passive

dns server-group DefaultDNS

domain-name ktcoils.local

access-list Inside_nat0_outbound extended permit ip any 10.0.10.172 255.255.255.252

access-list Outside_access_in extended permit tcp any host SBSServer eq smtp log

access-list Inside_access_in extended permit tcp host SBSServer any eq smtp log

pager lines 24

logging enable

logging asdm informational

mtu management 1500

mtu Guest 1500

mtu Outside 1500

mtu Inside 1500

ip local pool VPNPool 10.0.10.180-10.0.10.189 mask 255.255.255.0

icmp unreachable rate-limit 1 burst-size 1

asdm image disk0:/asdm-508.old

no asdm history enable

arp timeout 14400

global (Outside) 2 87.85.201.100-87.85.201.105 netmask 255.0.0.0

global (Outside) 1 interface

global (Inside) 1 interface

nat (Guest) 1 0.0.0.0 0.0.0.0

nat (Outside) 1 10.0.10.172 255.255.255.252 outside

nat (Inside) 0 access-list Inside_nat0_outbound

nat (Inside) 2 0.0.0.0 0.0.0.0

static (Inside,Outside) 87.85.201.106 SBSServer netmask 255.255.255.255

access-group Outside_access_in in interface Outside

access-group Inside_access_in in interface Inside

route Outside 0.0.0.0 0.0.0.0 87.85.201.97 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout uauth 0:05:00 absolute

dynamic-access-policy-record DfltAccessPolicy

http server enable

http 192.168.1.0 255.255.255.0 management

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac

crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac

crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac

crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac

crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac

crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac

crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac

crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac

crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac

crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac

crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs

crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5

crypto map Outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP

crypto map Outside_map interface Outside

crypto isakmp enable Outside

crypto isakmp policy 10

authentication pre-share

encryption 3des

hash sha

group 2

lifetime 86400

no crypto isakmp nat-traversal

telnet timeout 5

ssh timeout 5

console timeout 0

dhcpd address 192.168.1.2-192.168.1.254 management

dhcpd enable management

!

threat-detection basic-threat

threat-detection statistics access-list

group-policy KTCRemote internal

group-policy KTCRemote attributes

wins-server value 10.0.0.4

dns-server value 212.135.1.36

vpn-tunnel-protocol IPSec

default-domain value ktcoils.local

username admin password czGCDdLJBAwTP.41 encrypted privilege 15

username user1 password enq05bKrudsJMMBu encrypted

username user1 attributes

vpn-group-policy KTCRemote

username user2 password enq05bKrudsJMMBu encrypted

username Interactive password 8XYOLdGxohhVdJTN encrypted

tunnel-group KTCRemote type remote-access

tunnel-group KTCRemote general-attributes

address-pool VPNUsers

default-group-policy KTCRemote

tunnel-group KTCRemote ipsec-attributes

pre-shared-key *

!

class-map inspection_default

match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

parameters

  message-length maximum 512

policy-map global_policy

class inspection_default

  inspect dns preset_dns_map

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect rsh

  inspect rtsp

  inspect esmtp

  inspect sqlnet

  inspect skinny 

  inspect sunrpc

  inspect xdmcp

  inspect sip 

  inspect netbios

  inspect tftp

!

service-policy global_policy global

prompt hostname context

Cryptochecksum:ab59b47ce5b9aa70d38cc9d1abfaf2c8

: end

asdm image disk0:/asdm-508.old

asdm location Server 255.255.255.255 Inside

no asdm history enable

1 REPLY
Cisco Employee

Re: ASA crashed!!!!!

Good day,

Since this has to do with ASA, please open a new one under Firewalling and close this one?

This community is for Wireless Discussions.

Thanks

Serge

223
Views
0
Helpful
1
Replies