Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

ASA5500 Connections not working on select outside IPs

Posted on 2013-02-01
5
Medium Priority
?
225 Views
Last Modified: 2013-03-01
We have a situation where we can not connect to  certain ip addresses.  We have worked with the it staff at destinations and they say we are not blocked.

If we send from a DMZ (virtual machine) out another internet connection it works fine.  We believe we have it down to the ASA, or Extreme switch.  We can ping 99% of external locations. But we are not able to reach some sites through various ports or protocols.  We have no rules restricting these IPs.  Other locations work great for email, telnet tests, etc...
0
Comment
Question by:PostQ
  • 3
5 Comments
 
LVL 10

Expert Comment

by:joelsplace
ID: 38844337
Are you sure the IPs are blocked or could it be DNS?  I've had a similar issue and it ended up being an ISP router issue.  Does tracert show the pings failing at your ASA?
0
 
LVL 2

Author Comment

by:PostQ
ID: 38844363
Updated info:  Traffic seems to route from other internal switches. Just not this Extreme Summit switch.

We plan an IOS upgrade and a reboot next weekend.  I will continue the thread if that does not fix it.

Thanks
0
 
LVL 17

Expert Comment

by:Marius Gunnerud
ID: 38923704
can you reach these same sites using other protocols?  Lets say you are being blocked when trying to access port 80 at a certain site, but will you be blocked if you try to access port 21?

You say when you when you send out another internet connection it works fine.  Where is this internet connection located? is it also connected to the ASA?

Would you be able to post a sanitized configuration output?
0
 
LVL 2

Accepted Solution

by:
PostQ earned 0 total points
ID: 38924198
We have it solved down to one extreme switch that uses 4 ports aggregated.  

The others switches send out any asa fine.  So it's just a link aggregation issue to work through.
0
 
LVL 2

Author Closing Comment

by:PostQ
ID: 38941485
We found the link agg. bug in this path with any protocol.
0

Featured Post

Identify and Prevent Potential Cyber-threats

Become the white hat who helps safeguard our interconnected world. Transform your career future by earning your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question