12-14-2009 10:36 AM
Hi, today we had a strange problem with one of our 5550. I was working via ASDM on it and suddenly I could not connect to it via asdm over the management interface or the inside interface. Nothing helped.
When I connected with a vpn and then use asdm it works. My ip on the network when it did not work was 1xx.xxx.81.235. When I use vpn it was a different ip 1xx.xxx.55.1. I can build (with vpn) an connection over the inside interface with asdm.
I tried to shut and no shut the man interface nothing helped.
Can it be that the asa things i am an intruder and dynamically blocks my netwerk range? If so where can I find this info.
Other users of our team had the same problem.
I also checked the syslog nothing.
thx,
Marc
Solved! Go to Solution.
12-14-2009 02:49 PM
Although I never experienced this myself, but if the running-config hasn't changed and worked before its possible that the ASA
may have shunned your connection??
From CLI do:
# sh shun
look if your IP address is present, if so do:
# clear shun
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/protect.html#wp1058270
More than likely this is do to a change made to the running-configuration, I would start by reviewing a previously working running-config with a the present running-config.
12-14-2009 02:49 PM
Although I never experienced this myself, but if the running-config hasn't changed and worked before its possible that the ASA
may have shunned your connection??
From CLI do:
# sh shun
look if your IP address is present, if so do:
# clear shun
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/protect.html#wp1058270
More than likely this is do to a change made to the running-configuration, I would start by reviewing a previously working running-config with a the present running-config.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: