Solved

Cisco ASA 5500 Firewall

Posted on 2011-09-12
3
311 Views
Last Modified: 2012-05-12
Hi there,

We work on a site where with two networks, one is a 192.168.1.x and one 192.168.2.x - the .2 being "GUEST" mode on a Cisco ASA 5500 Firewall.

The Firewall has 10 User Licenses.

We don't manage the firewall nor have access to it.

We have found that on the 192.168.1.x sometimes some of the machines don't browse. They can ping the gateway. The same happens on the 192.168.2.x network. It's very sporadic but machines can ping the gateway but not browse.

How is a "User" license decided? Are they fixed, i.e. first 10 devices? Is it connection based? Should it just block all connectivity!?

Any advise which could be offered would be greatfully received.

M
0
Comment
Question by:mattstannard
  • 2
3 Comments
 
LVL 3

Expert Comment

by:Thomas_Roes
ID: 36525168
Cisco want's your cache. This 10 user license mean's 10 devices can access the internet. I'm not exactly sure how long an IP (of MAC) address is cached as using the internet, but you do want to add extra user licenses if you have them.

Good router, but Cisco asks a lot (of cache) for it.

Thomas Roes
0
 

Author Comment

by:mattstannard
ID: 36525227
Hi Thomas,

Does it just block everything?

Can you force the cache to be cleared?

M
0
 
LVL 3

Accepted Solution

by:
Thomas_Roes earned 500 total points
ID: 36525640
As far as I remember, it block's everything for the 11th device. Clearing cache, don't know, rebooting the firewall helps, but you don't want that.

I see two options:
- 10->25 user upgrade (or unlimited)
- replace router (depending on your needs, this can be cheaper that the user license upgrade).

BUT: if you don't have access to it, and you don't manage it, put the problem at the guy's who do.

Thomas
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question