Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco ASA Firewall: Disappears and brings down internet connection

Status
Not open for further replies.
evanbrown

evanbrown

Programmer
Aug 2, 2005
2
0
0
I have a Cisco ASA firewall on an Internet connection - coming through an xrio 400 ADSL bonder.

The problem is that the Cisco firewall - which has a static IP address - disappears completely after a variable amount of time and the Internet connection fails. It doesn't reply to PING requests to the public IP or to the 192.168.0.x IP address on the local LAN. The bonding device (an xrio UBM 400 which is connected on the outside of the firewall) gives an error saying that the link to the Cisco is 'incomplete' and it keeps sending ARP requests to the firewall which are not responded to. The device remains powered on all the time and I have checked all cables and replaced them.

I should say at this point that the Cisco is a new unit which was installed today to replace a Juniper Networks Netscreen firewall which demonstrated exactly the same behaviour.

I can't understand why the firewall just stops responding to PING requests - it has to be unplugged from the mains and then plugged in again in order for it to come up again. It will then PING and work correctly for a while. When it fails, I can't PING anything on the inside of the firewall but the UBM bonder continues to respond.

Any ideas about how to diagnose and fix this problem much appreciated.
 
Sort by date Sort by votes
If you had two devices that demonstrated the same fault, I tend to think it is a problem with one of the other pieces of equipment. You can turn on logging and see what is happening or use the ASDM and see what is going on live.


Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
When the interface disappears, are you able to reach the device (either via console or another mgt interface)? If so, I would setup a capture on the external interface to see if you are getting arp responses from the router. My quess is it is not responding to arp after a while. Also check your arp table .
Even though I am sure this is not related to the firewall itself, also check for errors on your outside interface.

IT Security news and information
In plain English
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
140
Sameer258
Sameer258
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
146
intel233
intel233
intel233
  • Locked
  • Question
Cisco ASA 5510 -Static NAT Help
Replies
8
Views
156
intel233
intel233
AllenH12
  • Locked
  • Question
Bandwidth in Cisco ASA 5505
Replies
2
Views
121
AllenH12
AllenH12
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
52
WhosYourDiffie
WhosYourDiffie

Part and Inventory Search

Sponsor

Back
Top