bkeating13
Cisco ASA5505 losing connectivity
We are losing our internet connection and having to reboot the Comcast broadband modem and ASA 5505 to get the internet back up. This is happening a couple of times a day. Does anyone know why this would be happening? Could an IP address conflict on the network be causing this? Is there a way I can set up an alert for when this happens to help with troubleshooting? I have attached the current configuration running on the firewall.
current-config-clean.txt
Next time it happens, can you try plugging a PC straight into the Comcast broadband modem? We'll try to narrow down the issue, as it might be an issue only with the internet modem.
Thanks ricks_v,
divide and conquer...
ASKER
I installed 3CDaemon but don't get anything reported. Here is all that is reported.
Feb 28 10:17:03 local Listening for Syslog messages on IP address: 192.168.1.2
Feb 28 10:17:03 local Listening for Syslog messages on IP address: 192.168.234.1
Feb 28 10:17:03 local Listening for Syslog messages on IP address: 192.168.10.1
Feb 28 13:16:25 local Listening for Syslog messages on IP address: 192.168.1.2
Feb 28 13:16:25 local Listening for Syslog messages on IP address: 192.168.234.1
Feb 28 13:16:25 local Listening for Syslog messages on IP address: 192.168.10.1
You need to set the PIX up with a syslog server, then apply an inspect policy that will forward warnings and errors.
Here is my logging section:
logging enable
logging timestamp
logging monitor debugging
logging trap errors
logging asdm notifications
logging mail errors
logging from-address name@domain.com.au
logging recipient-address name@domain level emergencies
logging device-id hostname
logging host inside sysloghostint
logging host inside sysloghostext
logging class auth mail notifications trap informational
ASKER
Thanks for the info. My Cisco skills are very limited. Would it be possible to get a little more detail on how to set up the logging on the firewall?
ASKER CERTIFIED SOLUTION
ASKER
I got logging set up and received over 100 of the following error messages this morning.
<163>Mar 10 2009 07:44:20 xxxChicago : %ASA-3-710003: TCP access denied by ACL from 192.168.1.124/52665 to inside:xx.xx.xx.xx/80
Not sure what this error is from. Any thoughts?
SOLUTION
It could be an outage, a DDoS attack or just a faulty port, amongst other issues, but start with the syslog: get 3CDaemon or another syslog server.
You can also see the syslog messages in the ASDM lower window, but with limited depth. It's too hard to observe properly, but it may help your issue...
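An added example, not part of any post in this thread: a Python parser for ASA syslog lines in the format quoted above. It decodes the <163> priority into facility and severity (20/local4 and 3/error, which is why the message passes "logging trap errors") and tallies %ASA-3-710003 denies per source so a single noisy host stands out. The sample lines, the hostname fw-example, the address 192.0.2.1 and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample input in the format of the message quoted in the thread.
SAMPLE = """\
<163>Mar 10 2009 07:44:20 fw-example : %ASA-3-710003: TCP access denied by ACL from 192.168.1.124/52665 to inside:192.0.2.1/80
<163>Mar 10 2009 07:44:21 fw-example : %ASA-3-710003: TCP access denied by ACL from 192.168.1.124/52666 to inside:192.0.2.1/80
<163>Mar 10 2009 07:44:25 fw-example : %ASA-3-710003: TCP access denied by ACL from 192.168.1.57/1043 to inside:192.0.2.1/443
<166>Mar 10 2009 07:44:26 fw-example : %ASA-6-302013: Built outbound TCP connection (constructed filler line)
not a syslog line
"""

# <PRI>timestamp device-id : %ASA-severity-msgid: text
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>\w{3} +\d+ \d{4} [\d:]{8}) (?P<host>\S+) : "
    r"%ASA-(?P<sev>\d)-(?P<msgid>\d{6}): (?P<text>.*)$")
# Body of 710003; "x" is allowed so redacted addresses (xx.xx.xx.xx) still parse.
DENY_RE = re.compile(
    r"^(?P<proto>TCP|UDP) access denied by ACL from (?P<src>[\d.x]+)/(?P<sport>\d+) "
    r"to (?P<ifc>[^:]+):(?P<dst>[\d.x]+)/(?P<dport>\S+)$")

def parse_line(line):
    """Return a dict of header fields, or None if the line is not ASA syslog."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    # Syslog PRI = facility * 8 + severity, so 163 -> (20, 3).
    rec["facility"], rec["severity"] = divmod(int(rec["pri"]), 8)
    return rec

def summarize_denies(text, threshold=2):
    """Count 710003 denies per (source IP, interface, dest port) at or above threshold."""
    hits = Counter()
    for line in text.splitlines():
        rec = parse_line(line)
        if not rec or rec["msgid"] != "710003":
            continue
        d = DENY_RE.match(rec["text"])
        if d:
            hits[(d["src"], d["ifc"], d["dport"])] += 1
    return {key: n for key, n in hits.items() if n >= threshold}

if __name__ == "__main__":
    for (src, ifc, dport), n in summarize_denies(SAMPLE).items():
        print(f"{src} -> {ifc} port {dport}: {n} denies")
```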