04-17-2008 07:50 AM - edited 02-21-2020 01:58 AM
pbm with asa5505.For 45 min-1h &later on internet is down.any solution
!
hostname DarrkoEOOD
domain-name default.domain.invalid
enable password my encrypted
names
!
interface Vlan1
nameif inside
security-level 50
ip address 89.x.x.65 255.255.255.192
!
interface Vlan2
nameif Evrokom
security-level 90
ip address 89.x.x.66 255.255.255.252
!
interface Vlan3
description Evrocom-DNS_Blackhole
nameif DNS
security-level 0
ip address 10.0.0.1 255.255.255.252
!
interface Ethernet0/0
description LAN
!
interface Ethernet0/1
description Evrokom
switchport access vlan 2
!
interface Ethernet0/2
description Evrocom-DNS_Blackhole
switchport access vlan 3
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
passwd my encrypted
ftp mode passive
clock timezone EEDT 2
clock summer-time EEDT recurring last Sun Mar 3:00 last Sun Oct 3:00
dns server-group DefaultDNS
domain-name default.domain.invalid
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
access-list IPSAllowedOutsideInterface extended permit ip host 71.169.2.10 any
access-list IPSAllowedOutsideInterface extended permit ip host 72.89.63.208 any
access-list IPSAllowedOutsideInterface extended permit ip 69.64.222.0 255.255.255.0 any
access-list IPSAllowedOutsideInterface extended permit ip host 77.85.217.18 any
access-list IPSAllowedOutsideInterface extended permit ip host 62.204.140.9 any
access-list IPSAllowedOutsideInterface extended permit tcp 213.226.0.0 255.255.0.0 any eq ssh
access-list IPSAllowedOutsideInterface extended deny tcp any any eq 3389
access-list IPSAllowedOutsideInterface extended deny tcp any any eq ssh
access-list IPSAllowedOutsideInterface extended permit ip any any
pager lines 24
logging timestamp
logging buffer-size 1048576
logging buffered debugging
logging asdm informational
mtu inside 1500
mtu Evrokom 1500
mtu DNS 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any Evrokom
asdm image disk0:/asdm-522.bin
no asdm history enable
arp timeout 14400
global (Evrokom) 10 interface
nat (inside) 10 89.215.168.64 255.255.255.192
access-group IPSAllowedOutsideInterface in interface inside
access-group IPSAllowedOutsideInterface out interface inside
access-group IPSAllowedOutsideInterface in interface Evrokom
access-group IPSAllowedOutsideInterface out interface Evrokom
route Evrokom 0.0.0.0 0.0.0.0 89.215.174.65 1 track 1
route Evrokom 217.9.224.2 255.255.255.255 89.215.174.65 1 track 2
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:20:00 udp 1:00:00 icmp 0:00:05
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
username admin password rj3RJA7.tmoyw8bB encrypted privilege 15
username thegrave password my encrypted privilege 15
aaa authentication ssh console LOCAL
http server enable
http 62.x.x.9 255.255.255.255 Evrokom
http 213.x.x.0 255.255.255.0 Evrokom
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
service resetinbound interface inside
!
track 1 rtr 1 reachability
!
track 2 rtr 2 reachability
telnet timeout 5
ssh 72.x.x.208 255.255.255.255 Evrokom
ssh 213.x.x.0 255.255.0.0 Evrokom
ssh 67.x.x.39 255.255.255.255 Evrokom
ssh 62.x.x.9 255.255.255.255 Evrokom
ssh 77.x.x.18 255.255.255.255 Evrokom
ssh timeout 5
ssh version 2
console timeout 0
dhcpd lease 32000
!
dhcpd address 89.x.x.66-89.215.168.125 inside
dhcpd dns 217.x.x.2 212.39.90.42 interface inside
dhcpd enable inside
!
!
!
ntp server 129.6.15.29 source Evrokom
ntp server 129.6.15.28 source Evrokom prefer
prompt hostname context
Cryptochecksum:xxx
: end
04-23-2008 09:58 AM
Use this Cisco ASA 5500 Series Adaptive Security Appliances Troubleshoot and Alerts
http://www.cisco.com/en/US/products/ps6120/tsd_products_support_troubleshoot_and_alerts.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide