• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 328
  • Last Modified:

Cisco ASA 5500 Firewall

Hi there,

We work on a site where with two networks, one is a 192.168.1.x and one 192.168.2.x - the .2 being "GUEST" mode on a Cisco ASA 5500 Firewall.

The Firewall has 10 User Licenses.

We don't manage the firewall nor have access to it.

We have found that on the 192.168.1.x sometimes some of the machines don't browse. They can ping the gateway. The same happens on the 192.168.2.x network. It's very sporadic but machines can ping the gateway but not browse.

How is a "User" license decided? Are they fixed, i.e. first 10 devices? Is it connection based? Should it just block all connectivity!?

Any advise which could be offered would be greatfully received.

M
0
mattstannard
Asked:
mattstannard
  • 2
1 Solution
 
Thomas_RoesCommented:
Cisco want's your cache. This 10 user license mean's 10 devices can access the internet. I'm not exactly sure how long an IP (of MAC) address is cached as using the internet, but you do want to add extra user licenses if you have them.

Good router, but Cisco asks a lot (of cache) for it.

Thomas Roes
0
 
mattstannardAuthor Commented:
Hi Thomas,

Does it just block everything?

Can you force the cache to be cleared?

M
0
 
Thomas_RoesCommented:
As far as I remember, it block's everything for the 11th device. Clearing cache, don't know, rebooting the firewall helps, but you don't want that.

I see two options:
- 10->25 user upgrade (or unlimited)
- replace router (depending on your needs, this can be cheaper that the user license upgrade).

BUT: if you don't have access to it, and you don't manage it, put the problem at the guy's who do.

Thomas
0

Featured Post

Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now