Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1036
  • Last Modified:

cisco asa 5510 upgrade to 8.4.2

Hi Experts,
I have upgraded to version 8.4.2 my asa 5510
Now I have very slow internet.
What is the problem ?
I saw a inspect rule : INSPECT IP-OPTIONS
Is this causing the error ?
How to fix this error ?
0
Eprs_Admin
Asked:
Eprs_Admin
  • 3
  • 3
1 Solution
 
MikeKaneCommented:
Well, if you suspect anything in the class inspection, you can easily disable the suspects one by one and see if anything improves.      I would say that if you don't use dns doctoring, then try disabling the 'inspect dns' first.    

Take a look at the log to see if anything is being reported there as well.
0
 
Eprs_AdminSystem ArchitectAuthor Commented:
Hi,
please can you explain in detail with commands ?
I am not a cisco pro

0
 
MikeKaneCommented:
In your code, you should have a section for class-inspect.    like this:

policy-map global_policy
 class inspection_default
  inspect tftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect sunrpc
  inspect sqlnet

if you have inspect dns, then just issue the commands:
config t
policy-map global_policy
class inspection_default
no inspect dns
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Eprs_AdminSystem ArchitectAuthor Commented:
Hi,

we had some very strange things after the upgrade.
The internet was very very slow but available.
After the upgrade we had a lot of changes in the config and some new commands.
How is it possible, that after a simple upgrade the config changed and the internet is not working ?
0
 
MikeKaneCommented:
The upgrade to 8.4 introduced a lot of new features and a new method for handing NATs.      It is a major change and should have been a 9.0 version release instead of a dot version release IMHO.      

Personally, I don't understand why there was a need for the change.  I'm still waiting for someone to explain the pros to me.    

Look here:
https://supportforums.cisco.com/docs/DOC-12690

0
 
Eprs_AdminSystem ArchitectAuthor Commented:
Thanks for the info
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now