Solved

Created sub-interfaces on ASA 5510 | Can no longer access managment0/0 interface

Posted on 2009-05-06
1
457 Views
Last Modified: 2012-05-06
I added the VLAN sub-interfaces via WinAgents HyperConf (pasted the relative VLAN info and did an upload) and as soon as that completed, I could no longer use WinAgent HyperConf via ssh as I can no longer even ping the management0/0 interface.

Can't figure out why adding those sub-interfaces to Ethernet0/0 would have affected communication on the management0/0 port.

Below is my running-config:
ASA Version 8.0(4)
!
hostname asa
domain-name domain.local
enable password XXXXX encrypted
passwd XXXXX encrypted
names
dns-guard
!
interface Ethernet0/0
 speed 1000
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/0.100
 description MANAGEMENT
 vlan 400
 nameif MGT
 security-level 100
 ip address 10.1.200.1 255.255.255.0
!
interface Ethernet0/0.101
 description CORPORATE
 vlan 401
 nameif CORP
 security-level 100
 ip address 10.1.201.1 255.255.255.0
!
interface Ethernet0/0.102
 description OFFICE1
 vlan 402
 nameif EO
 security-level 100
 ip address 10.1.202.1 255.255.255.0
!
interface Ethernet0/0.103
 description POFFICE1
 vlan 403
 nameif P1O
 security-level 100
 ip address 10.1.203.1 255.255.255.0
!
interface Ethernet0/0.104
 description POFFICE2
 vlan 404
 nameif P2O
 security-level 100
 ip address 10.1.204.1 255.255.255.0
!
interface Ethernet0/0.105
 description POFFICE3
 vlan 405
 nameif P3O
 security-level 100
 ip address 10.1.205.1 255.255.255.0
!
interface Ethernet0/0.106
 description POFFICE4
 vlan 406
 nameif P4O
 security-level 100
 ip address 10.1.206.1 255.255.255.0
!
interface Ethernet0/0.107
 description S5OFFICE
 vlan 407
 nameif S5O
 security-level 100
 ip address 10.1.207.1 255.255.255.0
!
interface Ethernet0/0.108
 description LOFFICE1
 vlan 408
 nameif L1O
 security-level 100
 ip address 10.1.208.1 255.255.255.0
!
interface Ethernet0/0.109
 description LOFFICE2
 vlan 409
 nameif L2O
 security-level 100
 ip address 10.1.209.1 255.255.255.0
!
interface Ethernet0/0.110
 description S8OFFICE
 vlan 410
 nameif S8O
 security-level 100
 ip address 10.1.210.1 255.255.255.0
!
interface Ethernet0/0.111
 description BARN
 vlan 501
 nameif BARN
 security-level 100
 ip address 10.1.211.1 255.255.255.0
!
interface Ethernet0/0.112
 description BARN2
 vlan 502
 nameif BARN2
 security-level 100
 ip address 10.1.212.1 255.255.255.0
!
interface Ethernet0/0.113
 description PBARN1
 vlan 503
 nameif P1B
 security-level 100
 ip address 10.1.213.1 255.255.255.0
!
interface Ethernet0/0.114
 description PBARN2
 vlan 504
 nameif P2B
 security-level 100
 ip address 10.1.214.1 255.255.255.0
!
interface Ethernet0/0.115
 description PBARN3
 vlan 505
 nameif P3B
 security-level 100
 ip address 10.1.215.1 255.255.255.0
!
interface Ethernet0/0.116
 description PBARN4
 vlan 506
 nameif P4B
 security-level 100
 ip address 10.1.216.1 255.255.255.0
!
interface Ethernet0/0.117
 description SBARN5
 vlan 507
 nameif S5B
 security-level 100
 ip address 10.1.217.1 255.255.255.0
!
interface Ethernet0/0.118
 description LBARN1
 vlan 508
 nameif L1B
 security-level 100
 ip address 10.1.218.1 255.255.255.0
!
interface Ethernet0/0.119
 description LBARN2
 vlan 509
 nameif L2B
 security-level 100
 ip address 10.1.219.1 255.255.255.0
!
interface Ethernet0/0.120
 description SBARN8
 vlan 510
 nameif S8B
 security-level 100
 ip address 10.1.220.1 255.255.255.0
!
interface Ethernet0/1
 speed 1000
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Management0/0
 nameif MGMT
 security-level 100
 ip address 192.168.1.9 255.255.255.0
 management-only
!
ftp mode passive
dns server-group DefaultDNS
 domain-name domain.local
access-list inside_temp_in extended permit ip any any
access-list inside_temp_out extended permit ip any any
pager lines 24
logging enable
logging asdm informational
mtu MGT 1500
mtu CORP 1500
mtu EO 1500
mtu P1O 1500
mtu P2O 1500
mtu P3O 1500
mtu P4O 1500
mtu S5O 1500
mtu L1O 1500
mtu L2O 1500
mtu S8O 1500
mtu BARN 1500
mtu EB 1500
mtu P1B 1500
mtu P2B 1500
mtu P3B 1500
mtu P4B 1500
mtu S5B 1500
mtu L1B 1500
mtu L2B 1500
mtu S8B 1500
mtu MGMT 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-615.bin
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 MGMT
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
virtual telnet 192.168.1.9 MGMT
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh 192.168.1.0 255.255.255.0 MGMT
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
username admin password XXXXX encrypted
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns migrated_dns_map_1
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns migrated_dns_map_1
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:XXXXX
: end

Open in new window

0
Comment
Question by:Tercestisi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 

Accepted Solution

by:
Tercestisi earned 0 total points
ID: 24318492
This is the second time this has happened... I just recreated the Management0/0 config (changed nothing) and now it works again.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question