Solved

Cisco FW VPN 5510 - SSL question

Posted on 2009-04-10
8
2,539 Views
Last Modified: 2012-05-06
Hello, this would probably be my first post after x amount of years here. I have a question. There seems to be something preventing our ssl portal from letting users log in. I have attached a screen capture of what happens when the correct credentials are inserted.

The problem is outside our network and has occured twice. The only known remedies that have come close to my issue is to reset/restart our ASA. The last time this happened I didn't get around to it and was self-remedied.

I've already tried logging into the ASDM console to see if there is a setting for updating the session management database but I don't see anything up front.

Im not to experienced in troubleshooting the cisco 5510 firewall. So i figured I'd drop a line here to see what many of you thought. The application is in a live environment. Any realistic suggestions and steps will be taking into consideration.

If there is anything else you need from me to assist in this please let me know.

Thank you in advanced.

"Unable to update the session management database"
heryougo.JPG
0
Comment
Question by:zenki_fc
  • 4
  • 3
8 Comments
 
LVL 78

Expert Comment

by:arnold
ID: 24116635
At the time of the error were there the MAX number of users connected?
I.e. a reboot of the device kicks all the existing sessions.

I.e. how many simultaneous VPN connection does your ASA support/licensed for?
0
 
LVL 1

Author Comment

by:zenki_fc
ID: 24116733
If I am no mistaken it can take up to 50 users at once. I highly doubt that all 50+ users were on at one point in time. But that's a good question. I will go ahead and reset/kick any users logged in and try again.
0
 
LVL 78

Accepted Solution

by:
arnold earned 500 total points
ID: 24116864
0
Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

 
LVL 1

Author Comment

by:zenki_fc
ID: 24130400
Hmm... we have 50 licenses so I don't think that exceeding the amount of users is the problem in this case. The issue was self resolved again the following morning (Saturday). Is there some sort of temporary/cache files that have to be cleared?

Any other ideas?
0
 
LVL 78

Expert Comment

by:arnold
ID: 24131127
Are there any errors/notives logged dealing with why access was being denied?
What are you timeouts set to?  I.e. how long is a session state maintained?
How many individuals can establish a VPN connection?  trying to see whether the 50 was met not with 50 simulteneous access but enough that logged in. and logged out within the timeout period. I.e. similar to an ARP cache that will take some time prior to the ASA clearing a session ID.
how do you control access to the SSL VPN?  Is it based on local auth or you have external Radius auth?
0
 
LVL 1

Author Comment

by:zenki_fc
ID: 24149697
Hey Arnold, thanks for your input. Since it's up and running right now I won't be able to dedicate as much time to it due to other deadlines and projects that are currently in motion. I will have to work with this later this weekend and keep you posted on any findings.

Thanks for being in touch and quick on responses. Have a great day.
0
 
LVL 1

Author Comment

by:zenki_fc
ID: 24818561
I can't seem to find another possible culprit to this. The only item that came close to this was the limited amout of users that can be connected.

Wanted to thank you all and I apologize for the delay. It was mostly on my part trying to troubleshoot it, but it hasnt come back and no one has reported this error since.
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cannot Delete Sonicwall VPN policy 5 79
New office setup 2 31
Connecting to multiple databases to create a Dashboard 5 71
Routing certain SSLVPN Traffic to CDN 1 22
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Wufoo.com provides powerful tools for surveying targeted groups, and utilizing data from completed surveys to find trends, discover areas of demand or customer expectation, and make business decisions on products or services.
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to selectively show certain fields based on user input using rules to gather relevant information and data from your forms. The rules feature provides you with an opportunity…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question