Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Lost access to LAN mgt side of SA520W

I have a customer with a pair of SA520Ws with an IPSEC tunnel connecting offices.  Both sites running 2.1.71, upgraded from 1.1.65.  Recently, I've been unable to reach the web interface on the LAN side of one of the SA520Ws.  Even pings do not reply.  Other traffic destined to the Internet and remote site work fine.  I can even hit the troubled SA520Ws LAN web interface from the remote site.  Remote management (WAN side) of the troubled SA520W works fine as well.  It's just clients local to that SA cannot ping or access the web interface.

Anyone run into this?  I've already re-upgraded the firmware so both active and backup are 2.1.71.

One other hit is that the SA is pingable for about 15 seconds during a reboot.  If you are fast enough, the web interface loads, but you cannot login because the problem begins after that 15 second window.  The box appears to be Linux based so I'm guessing some script (iptables?) seems to get loaded that drops INPUT packets from the LAN.


Everyone's tags (4)
CreatePlease to create content