Solved

Cisco ASA 5500 Firewall

Posted on 2011-09-12
3
312 Views
Last Modified: 2012-05-12
Hi there,

We work on a site where with two networks, one is a 192.168.1.x and one 192.168.2.x - the .2 being "GUEST" mode on a Cisco ASA 5500 Firewall.

The Firewall has 10 User Licenses.

We don't manage the firewall nor have access to it.

We have found that on the 192.168.1.x sometimes some of the machines don't browse. They can ping the gateway. The same happens on the 192.168.2.x network. It's very sporadic but machines can ping the gateway but not browse.

How is a "User" license decided? Are they fixed, i.e. first 10 devices? Is it connection based? Should it just block all connectivity!?

Any advise which could be offered would be greatfully received.

M
0
Comment
Question by:mattstannard
  • 2
3 Comments
 
LVL 3

Expert Comment

by:Thomas_Roes
ID: 36525168
Cisco want's your cache. This 10 user license mean's 10 devices can access the internet. I'm not exactly sure how long an IP (of MAC) address is cached as using the internet, but you do want to add extra user licenses if you have them.

Good router, but Cisco asks a lot (of cache) for it.

Thomas Roes
0
 

Author Comment

by:mattstannard
ID: 36525227
Hi Thomas,

Does it just block everything?

Can you force the cache to be cleared?

M
0
 
LVL 3

Accepted Solution

by:
Thomas_Roes earned 500 total points
ID: 36525640
As far as I remember, it block's everything for the 11th device. Clearing cache, don't know, rebooting the firewall helps, but you don't want that.

I see two options:
- 10->25 user upgrade (or unlimited)
- replace router (depending on your needs, this can be cheaper that the user license upgrade).

BUT: if you don't have access to it, and you don't manage it, put the problem at the guy's who do.

Thomas
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question