Solved

Created sub-interfaces on ASA 5510 | Can no longer access managment0/0 interface

Posted on 2009-05-06
1
448 Views
Last Modified: 2012-05-06
I added the VLAN sub-interfaces via WinAgents HyperConf (pasted the relative VLAN info and did an upload) and as soon as that completed, I could no longer use WinAgent HyperConf via ssh as I can no longer even ping the management0/0 interface.

Can't figure out why adding those sub-interfaces to Ethernet0/0 would have affected communication on the management0/0 port.

Below is my running-config:
ASA Version 8.0(4)

!

hostname asa

domain-name domain.local

enable password XXXXX encrypted

passwd XXXXX encrypted

names

dns-guard

!

interface Ethernet0/0

 speed 1000

 no nameif

 no security-level

 no ip address

!

interface Ethernet0/0.100

 description MANAGEMENT

 vlan 400

 nameif MGT

 security-level 100

 ip address 10.1.200.1 255.255.255.0

!

interface Ethernet0/0.101

 description CORPORATE

 vlan 401

 nameif CORP

 security-level 100

 ip address 10.1.201.1 255.255.255.0

!

interface Ethernet0/0.102

 description OFFICE1

 vlan 402

 nameif EO

 security-level 100

 ip address 10.1.202.1 255.255.255.0

!

interface Ethernet0/0.103

 description POFFICE1

 vlan 403

 nameif P1O

 security-level 100

 ip address 10.1.203.1 255.255.255.0

!

interface Ethernet0/0.104

 description POFFICE2

 vlan 404

 nameif P2O

 security-level 100

 ip address 10.1.204.1 255.255.255.0

!

interface Ethernet0/0.105

 description POFFICE3

 vlan 405

 nameif P3O

 security-level 100

 ip address 10.1.205.1 255.255.255.0

!

interface Ethernet0/0.106

 description POFFICE4

 vlan 406

 nameif P4O

 security-level 100

 ip address 10.1.206.1 255.255.255.0

!

interface Ethernet0/0.107

 description S5OFFICE

 vlan 407

 nameif S5O

 security-level 100

 ip address 10.1.207.1 255.255.255.0

!

interface Ethernet0/0.108

 description LOFFICE1

 vlan 408

 nameif L1O

 security-level 100

 ip address 10.1.208.1 255.255.255.0

!

interface Ethernet0/0.109

 description LOFFICE2

 vlan 409

 nameif L2O

 security-level 100

 ip address 10.1.209.1 255.255.255.0

!

interface Ethernet0/0.110

 description S8OFFICE

 vlan 410

 nameif S8O

 security-level 100

 ip address 10.1.210.1 255.255.255.0

!

interface Ethernet0/0.111

 description BARN

 vlan 501

 nameif BARN

 security-level 100

 ip address 10.1.211.1 255.255.255.0

!

interface Ethernet0/0.112

 description BARN2

 vlan 502

 nameif BARN2

 security-level 100

 ip address 10.1.212.1 255.255.255.0

!

interface Ethernet0/0.113

 description PBARN1

 vlan 503

 nameif P1B

 security-level 100

 ip address 10.1.213.1 255.255.255.0

!

interface Ethernet0/0.114

 description PBARN2

 vlan 504

 nameif P2B

 security-level 100

 ip address 10.1.214.1 255.255.255.0

!

interface Ethernet0/0.115

 description PBARN3

 vlan 505

 nameif P3B

 security-level 100

 ip address 10.1.215.1 255.255.255.0

!

interface Ethernet0/0.116

 description PBARN4

 vlan 506

 nameif P4B

 security-level 100

 ip address 10.1.216.1 255.255.255.0

!

interface Ethernet0/0.117

 description SBARN5

 vlan 507

 nameif S5B

 security-level 100

 ip address 10.1.217.1 255.255.255.0

!

interface Ethernet0/0.118

 description LBARN1

 vlan 508

 nameif L1B

 security-level 100

 ip address 10.1.218.1 255.255.255.0

!

interface Ethernet0/0.119

 description LBARN2

 vlan 509

 nameif L2B

 security-level 100

 ip address 10.1.219.1 255.255.255.0

!

interface Ethernet0/0.120

 description SBARN8

 vlan 510

 nameif S8B

 security-level 100

 ip address 10.1.220.1 255.255.255.0

!

interface Ethernet0/1

 speed 1000

 shutdown

 no nameif

 no security-level

 no ip address

!

interface Ethernet0/2

 shutdown

 no nameif

 no security-level

 no ip address

!

interface Ethernet0/3

 shutdown

 no nameif

 no security-level

 no ip address

!

interface Management0/0

 nameif MGMT

 security-level 100

 ip address 192.168.1.9 255.255.255.0

 management-only

!

ftp mode passive

dns server-group DefaultDNS

 domain-name domain.local

access-list inside_temp_in extended permit ip any any

access-list inside_temp_out extended permit ip any any

pager lines 24

logging enable

logging asdm informational

mtu MGT 1500

mtu CORP 1500

mtu EO 1500

mtu P1O 1500

mtu P2O 1500

mtu P3O 1500

mtu P4O 1500

mtu S5O 1500

mtu L1O 1500

mtu L2O 1500

mtu S8O 1500

mtu BARN 1500

mtu EB 1500

mtu P1B 1500

mtu P2B 1500

mtu P3B 1500

mtu P4B 1500

mtu S5B 1500

mtu L1B 1500

mtu L2B 1500

mtu S8B 1500

mtu MGMT 1500

no failover

icmp unreachable rate-limit 1 burst-size 1

asdm image disk0:/asdm-615.bin

no asdm history enable

arp timeout 14400

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

dynamic-access-policy-record DfltAccessPolicy

aaa authentication ssh console LOCAL

http server enable

http 192.168.1.0 255.255.255.0 MGMT

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

virtual telnet 192.168.1.9 MGMT

crypto ipsec security-association lifetime seconds 28800

crypto ipsec security-association lifetime kilobytes 4608000

telnet timeout 5

ssh 192.168.1.0 255.255.255.0 MGMT

ssh timeout 5

console timeout 0

threat-detection basic-threat

threat-detection statistics access-list

no threat-detection statistics tcp-intercept

username admin password XXXXX encrypted

!

class-map inspection_default

 match default-inspection-traffic

!

!

policy-map type inspect dns migrated_dns_map_1

 parameters

  message-length maximum 512

policy-map global_policy

 class inspection_default

  inspect dns migrated_dns_map_1

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect rsh

  inspect rtsp

  inspect esmtp

  inspect sqlnet

  inspect skinny

  inspect sunrpc

  inspect xdmcp

  inspect sip

  inspect netbios

  inspect tftp

!

service-policy global_policy global

prompt hostname context

Cryptochecksum:XXXXX

: end

Open in new window

0
Comment
Question by:Tercestisi
1 Comment
 

Accepted Solution

by:
Tercestisi earned 0 total points
ID: 24318492
This is the second time this has happened... I just recreated the Management0/0 config (changed nothing) and now it works again.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now