Techrunner
asked on
Cisco ASA and Microsoft TMG Back to Back Issue
Hello Experts,
I have weird issue.
I have a Cisco ASA 5540 with 4 interfaces Outside,Inside, DMZ, TMG ( back to Back).
I have Microsoft TMG with 2 NICs. Internal Interface connected to Inside Switch and External directly connected to ASA TMG interface (Gi0/3).
I have default gateway on external interface pointing to ASA.
We are using TMG only as Web Proxy. Very often I start receiving call from user that cannot browse internet and they receive TMG error page.
When we move to TMG to diagnose the issue, we came to know that TMG cannot ping IP of ASA interface ( Gi0/3- Default of gateway TMG. In order to resolve this issue I have to reboot to the ASA.
Please can someone help to resolve this issue.
Thanks
I have weird issue.
I have a Cisco ASA 5540 with 4 interfaces Outside,Inside, DMZ, TMG ( back to Back).
I have Microsoft TMG with 2 NICs. Internal Interface connected to Inside Switch and External directly connected to ASA TMG interface (Gi0/3).
I have default gateway on external interface pointing to ASA.
We are using TMG only as Web Proxy. Very often I start receiving call from user that cannot browse internet and they receive TMG error page.
When we move to TMG to diagnose the issue, we came to know that TMG cannot ping IP of ASA interface ( Gi0/3- Default of gateway TMG. In order to resolve this issue I have to reboot to the ASA.
Please can someone help to resolve this issue.
Thanks
ASKER
Hi Sir,
How are you ? Hope all is well.
Any important debug command to start with ?
Thanks
How are you ? Hope all is well.
Any important debug command to start with ?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes We have IPS and module installed on ASA ?
ASKER
I am just waiting to let issue appear again.
Thanks
Thanks
ASKER
Thanks Sir,
Issue Resolved. ASA was putting the TMG server into shunned mode
I entered no shun command on ASA
I have no idea why ASA putting TMG server into shun mode.
Issue Resolved. ASA was putting the TMG server into shunned mode
I entered no shun command on ASA
I have no idea why ASA putting TMG server into shun mode.
Can you do some debugging on the ASA? The logs should be able to give you some clues if you check at around the time the issue started to happen.