Solved

Created sub-interfaces on ASA 5510 | Can no longer access managment0/0 interface

Posted on 2009-05-06
1
451 Views
Last Modified: 2012-05-06
I added the VLAN sub-interfaces via WinAgents HyperConf (pasted the relative VLAN info and did an upload) and as soon as that completed, I could no longer use WinAgent HyperConf via ssh as I can no longer even ping the management0/0 interface.

Can't figure out why adding those sub-interfaces to Ethernet0/0 would have affected communication on the management0/0 port.

Below is my running-config:
ASA Version 8.0(4)
!
hostname asa
domain-name domain.local
enable password XXXXX encrypted
passwd XXXXX encrypted
names
dns-guard
!
interface Ethernet0/0
 speed 1000
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/0.100
 description MANAGEMENT
 vlan 400
 nameif MGT
 security-level 100
 ip address 10.1.200.1 255.255.255.0
!
interface Ethernet0/0.101
 description CORPORATE
 vlan 401
 nameif CORP
 security-level 100
 ip address 10.1.201.1 255.255.255.0
!
interface Ethernet0/0.102
 description OFFICE1
 vlan 402
 nameif EO
 security-level 100
 ip address 10.1.202.1 255.255.255.0
!
interface Ethernet0/0.103
 description POFFICE1
 vlan 403
 nameif P1O
 security-level 100
 ip address 10.1.203.1 255.255.255.0
!
interface Ethernet0/0.104
 description POFFICE2
 vlan 404
 nameif P2O
 security-level 100
 ip address 10.1.204.1 255.255.255.0
!
interface Ethernet0/0.105
 description POFFICE3
 vlan 405
 nameif P3O
 security-level 100
 ip address 10.1.205.1 255.255.255.0
!
interface Ethernet0/0.106
 description POFFICE4
 vlan 406
 nameif P4O
 security-level 100
 ip address 10.1.206.1 255.255.255.0
!
interface Ethernet0/0.107
 description S5OFFICE
 vlan 407
 nameif S5O
 security-level 100
 ip address 10.1.207.1 255.255.255.0
!
interface Ethernet0/0.108
 description LOFFICE1
 vlan 408
 nameif L1O
 security-level 100
 ip address 10.1.208.1 255.255.255.0
!
interface Ethernet0/0.109
 description LOFFICE2
 vlan 409
 nameif L2O
 security-level 100
 ip address 10.1.209.1 255.255.255.0
!
interface Ethernet0/0.110
 description S8OFFICE
 vlan 410
 nameif S8O
 security-level 100
 ip address 10.1.210.1 255.255.255.0
!
interface Ethernet0/0.111
 description BARN
 vlan 501
 nameif BARN
 security-level 100
 ip address 10.1.211.1 255.255.255.0
!
interface Ethernet0/0.112
 description BARN2
 vlan 502
 nameif BARN2
 security-level 100
 ip address 10.1.212.1 255.255.255.0
!
interface Ethernet0/0.113
 description PBARN1
 vlan 503
 nameif P1B
 security-level 100
 ip address 10.1.213.1 255.255.255.0
!
interface Ethernet0/0.114
 description PBARN2
 vlan 504
 nameif P2B
 security-level 100
 ip address 10.1.214.1 255.255.255.0
!
interface Ethernet0/0.115
 description PBARN3
 vlan 505
 nameif P3B
 security-level 100
 ip address 10.1.215.1 255.255.255.0
!
interface Ethernet0/0.116
 description PBARN4
 vlan 506
 nameif P4B
 security-level 100
 ip address 10.1.216.1 255.255.255.0
!
interface Ethernet0/0.117
 description SBARN5
 vlan 507
 nameif S5B
 security-level 100
 ip address 10.1.217.1 255.255.255.0
!
interface Ethernet0/0.118
 description LBARN1
 vlan 508
 nameif L1B
 security-level 100
 ip address 10.1.218.1 255.255.255.0
!
interface Ethernet0/0.119
 description LBARN2
 vlan 509
 nameif L2B
 security-level 100
 ip address 10.1.219.1 255.255.255.0
!
interface Ethernet0/0.120
 description SBARN8
 vlan 510
 nameif S8B
 security-level 100
 ip address 10.1.220.1 255.255.255.0
!
interface Ethernet0/1
 speed 1000
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Management0/0
 nameif MGMT
 security-level 100
 ip address 192.168.1.9 255.255.255.0
 management-only
!
ftp mode passive
dns server-group DefaultDNS
 domain-name domain.local
access-list inside_temp_in extended permit ip any any
access-list inside_temp_out extended permit ip any any
pager lines 24
logging enable
logging asdm informational
mtu MGT 1500
mtu CORP 1500
mtu EO 1500
mtu P1O 1500
mtu P2O 1500
mtu P3O 1500
mtu P4O 1500
mtu S5O 1500
mtu L1O 1500
mtu L2O 1500
mtu S8O 1500
mtu BARN 1500
mtu EB 1500
mtu P1B 1500
mtu P2B 1500
mtu P3B 1500
mtu P4B 1500
mtu S5B 1500
mtu L1B 1500
mtu L2B 1500
mtu S8B 1500
mtu MGMT 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-615.bin
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 MGMT
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
virtual telnet 192.168.1.9 MGMT
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh 192.168.1.0 255.255.255.0 MGMT
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
username admin password XXXXX encrypted
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns migrated_dns_map_1
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns migrated_dns_map_1
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:XXXXX
: end

Open in new window

0
Comment
Question by:Tercestisi
1 Comment
 

Accepted Solution

by:
Tercestisi earned 0 total points
ID: 24318492
This is the second time this has happened... I just recreated the Management0/0 config (changed nothing) and now it works again.
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question