[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

After switching from ASA 5510 to ASA 5512 strange ack = (big number) behavior?

Posted on 2014-01-22
6
Medium Priority
?
356 Views
Last Modified: 2014-02-11
After switch from ASA 5510 to ASA 5512 the internal network are acting strangely. We can't connect and print to our Konica-Minolta printers. And can't connect to WMware ESX via Sphere. Everything else seems to work OK. Our switch is a Cisco 2960S. No vLan.
The funny thing is when we connect to our hosted office server via RDP we can connect and print.
The ASA's are configured 1 to 1 as closely as possible. Latest firmware on both.
Switching back to ASA 5510 removes the problem.

We have had Cisco people looking at this, but no luck so far, except for the communication to the printer, ACK= are not 1, but a large number?

Does anyone have clue to this?
0
Comment
Question by:khc
6 Comments
 
LVL 26

Expert Comment

by:Soulja
ID: 39800117
Can you post both fw configs as well as the switch? Please attach them to the post instead of pasting them.
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 39800304
ACK being a large value doesn't mean anything.  I'm assuming you're talking about seeing it in wireshark maybe.  could happen if it doesn't know where the sequence numbers started depending on when the capture was started so it doesn't know the relative number to the starting point.

But as Soulja commented, the configs would help.
0
 
LVL 12

Expert Comment

by:Henk van Achterberg
ID: 39800891
How is your NAT config?

Are you sure that ProxyArp is not messing things up?

When you are on the same network traffic should not flow trough the ASA when connecting internally.
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 26

Expert Comment

by:Soulja
ID: 39800959
Until configs are provided, we can only make assumptions.
0
 

Author Comment

by:khc
ID: 39804334
Thank you for answering. Here are the configs for ASA 5510 and ASA 5512.
ASA5510-5512runningconfig.txt
0
 
LVL 18

Accepted Solution

by:
Akinsd earned 1500 total points
ID: 39829007
I probably would recommend a packet trace to identify where the packets are dropping

- packet-tracer input inside tcp 192.168.118.x 4444 192.168.118.x 4444 detailed

You can also use Examdiff to compare both configs to determine if a command is missing or a new command is introduced
http://www.prestosoft.com/edp_examdiff.asp

Also, check if aaa authentication is enabled on the switch or any acl that may be filtering traffic based on MAC address
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Arrow Electronics was searching for a KVM  (Keyboard/Video/Mouse) switch that could display on one single monitor the current status of all units being tested on the rack.
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question