Solved

Cisco FW VPN 5510 - SSL question

Posted on 2009-04-10
8
2,486 Views
Last Modified: 2012-05-06
Hello, this would probably be my first post after x amount of years here. I have a question. There seems to be something preventing our ssl portal from letting users log in. I have attached a screen capture of what happens when the correct credentials are inserted.

The problem is outside our network and has occured twice. The only known remedies that have come close to my issue is to reset/restart our ASA. The last time this happened I didn't get around to it and was self-remedied.

I've already tried logging into the ASDM console to see if there is a setting for updating the session management database but I don't see anything up front.

Im not to experienced in troubleshooting the cisco 5510 firewall. So i figured I'd drop a line here to see what many of you thought. The application is in a live environment. Any realistic suggestions and steps will be taking into consideration.

If there is anything else you need from me to assist in this please let me know.

Thank you in advanced.

"Unable to update the session management database"
heryougo.JPG
0
Comment
Question by:zenki_fc
  • 4
  • 3
8 Comments
 
LVL 76

Expert Comment

by:arnold
ID: 24116635
At the time of the error were there the MAX number of users connected?
I.e. a reboot of the device kicks all the existing sessions.

I.e. how many simultaneous VPN connection does your ASA support/licensed for?
0
 
LVL 1

Author Comment

by:zenki_fc
ID: 24116733
If I am no mistaken it can take up to 50 users at once. I highly doubt that all 50+ users were on at one point in time. But that's a good question. I will go ahead and reset/kick any users logged in and try again.
0
 
LVL 76

Accepted Solution

by:
arnold earned 500 total points
ID: 24116864
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 1

Author Comment

by:zenki_fc
ID: 24130400
Hmm... we have 50 licenses so I don't think that exceeding the amount of users is the problem in this case. The issue was self resolved again the following morning (Saturday). Is there some sort of temporary/cache files that have to be cleared?

Any other ideas?
0
 
LVL 76

Expert Comment

by:arnold
ID: 24131127
Are there any errors/notives logged dealing with why access was being denied?
What are you timeouts set to?  I.e. how long is a session state maintained?
How many individuals can establish a VPN connection?  trying to see whether the 50 was met not with 50 simulteneous access but enough that logged in. and logged out within the timeout period. I.e. similar to an ARP cache that will take some time prior to the ASA clearing a session ID.
how do you control access to the SSL VPN?  Is it based on local auth or you have external Radius auth?
0
 
LVL 1

Author Comment

by:zenki_fc
ID: 24149697
Hey Arnold, thanks for your input. Since it's up and running right now I won't be able to dedicate as much time to it due to other deadlines and projects that are currently in motion. I will have to work with this later this weekend and keep you posted on any findings.

Thanks for being in touch and quick on responses. Have a great day.
0
 
LVL 1

Author Comment

by:zenki_fc
ID: 24818561
I can't seem to find another possible culprit to this. The only item that came close to this was the limited amout of users that can be connected.

Wanted to thank you all and I apologize for the delay. It was mostly on my part trying to troubleshoot it, but it hasnt come back and no one has reported this error since.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

Introduction A frequently used term in Object-Oriented design is "SOLID" which is a mnemonic acronym that covers five principles of OO design.  These principles do not stand alone; there is interplay among them.  And they are not laws, merely princ…
International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
This video teaches viewers how to create their own website using cPanel and Wordpress. Tutorial walks users through how to set up their own domain name from tools like Domain Registrar, Hosting Account, and Wordpress. More specifically, the order in…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now