Firstly, let me describe briefly my setup: internal LAN with 2 servers (Windows Server 2003 and 2008) and approximately 25 PCs, mostly Windows XP Pro SP3 and a couple of Vista Business laptops. One of the servers acts as DHCP server so all settings for network are consistent across all PCs.
I have just added a Cisco ASA 5505 and it works perfectly for delivering and receiving emails from our server and for users to connect to the net.
But the major problem is that the internal LAN has become intermittent; sometimes it works and then just dies. I have tried everything including disabling all Windows Firewalls using Group Policy but the problem remains. When I simply replace the Cisco ASA 5505 with the previous Zyxel Firewall, there are no problems.
The network setup is basically a Dell Connect Switch feeding to the Cisco ASA 5505 and then to the DSL modem. I would expect the ASA 5505 to just act as gateway and not do any traffic routing or inspection on the LAN.
The following messages show just a sample of firewall messages:
<147>Jan 24 2009 17:44:45: %ASA-3-106015: Deny TCP (no connection) from 10.0.0.3/135 to 10.0.0.2/4942 flags SYN ACK on interface inside
<147>Jan 24 2009 17:44:15: %ASA-3-106015: Deny TCP (no connection) from 10.0.0.31/4461 to 10.0.0.44/139 flags ACK on interface inside
<147>Jan 24 2009 17:44:15: %ASA-3-106015: Deny TCP (no connection) from 10.0.0.31/4461 to 10.0.0.44/139 flags ACK on interface inside
(there are others as well just dropping SYN connections PC-PC, PC-Server, Server-Server and the servers on the LAN; I know that it is to do with "stateful inspection", that these connections are denied, but why is the ASA5505 inspecting and controlling LAN traffic?)
In other words the ASA 5505 is inspecting and routing traffic on the LAN. How do I configure it to work correctly with regards to LAN traffic?
On the inside VLAN 1 I have disabled all switch ports except 0/1, assuming that it would then not act as a switch, but the result is the same and I get the same Deny messages.
Thank you for reading this and I hope that you can offer me some insight as to what I should do (other than writing off my €1000 spend on this firewall by using a sledge-hammer)
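
Added example (not part of the original post): a small Python parser for the %ASA-3-106015 lines quoted above that tallies denied flows and marks those where both endpoints sit on the inside LAN. The 10.0.0.0/24 mask and the function names are assumptions; the post shows only 10.0.0.x addresses.

```python
import ipaddress
import re
from collections import Counter

# Sample input: the three syslog lines quoted in the post.
SAMPLE = """\
<147>Jan 24 2009 17:44:45: %ASA-3-106015: Deny TCP (no connection) from 10.0.0.3/135 to 10.0.0.2/4942 flags SYN ACK on interface inside
<147>Jan 24 2009 17:44:15: %ASA-3-106015: Deny TCP (no connection) from 10.0.0.31/4461 to 10.0.0.44/139 flags ACK on interface inside
<147>Jan 24 2009 17:44:15: %ASA-3-106015: Deny TCP (no connection) from 10.0.0.31/4461 to 10.0.0.44/139 flags ACK on interface inside
"""

# Assumption: the inside LAN is 10.0.0.0/24 (the post does not state the mask).
INSIDE_NET = ipaddress.ip_network("10.0.0.0/24")

PATTERN = re.compile(
    r"%ASA-3-106015: Deny TCP \(no connection\) from "
    r"(?P<src>[\d.]+)/(?P<sport>\d+) to (?P<dst>[\d.]+)/(?P<dport>\d+) "
    r"flags (?P<flags>[A-Z ]+?) on interface (?P<ifc>\S+)"
)

def parse_106015(text):
    """Return one dict per 106015 line; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = PATTERN.search(line)
        if not m:
            continue
        src = ipaddress.ip_address(m["src"])
        dst = ipaddress.ip_address(m["dst"])
        events.append({
            "src": str(src), "sport": int(m["sport"]),
            "dst": str(dst), "dport": int(m["dport"]),
            "flags": m["flags"].split(),
            "interface": m["ifc"],
            # True when the firewall dropped a host-to-host LAN packet.
            "intra_lan": src in INSIDE_NET and dst in INSIDE_NET,
        })
    return events

def summarize(events):
    """Count denials per (src, dst, dst port, flags, intra_lan)."""
    return Counter(
        (e["src"], e["dst"], e["dport"], " ".join(e["flags"]), e["intra_lan"])
        for e in events
    )

if __name__ == "__main__":
    for key, count in summarize(parse_106015(SAMPLE)).most_common():
        print(count, key)
```

On the quoted sample every denial is intra-LAN and carries SYN ACK or ACK rather than a bare SYN, which is the detail to bring to anyone reviewing the ASA configuration.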