find mac being filtered ASA
So heres the setup
I have a new open mesh POE switch I'm trying to plug into existing 2960 so that we can plug in some OM AP's to it. I can plug in the OMS8 switch into the cisco with the cisco switchport in access mode for the vlan we want it on. I can run a IP scan and see that the switch indeed gets a DHCP lease, i can go to that ip in browser and get the admin interface (not allowed to log in ). But the switch never checks in with cloudtrax. I have 4 other AP's on the same subnet that check in fine, so i don't think content filtering (as suggested by their support) is the issue, though they say the switches check into different servers than APS. So heres the setup
OMS8------>2960----->3650-
is there a way i can search for that mac on either the 3650 or the ASA to see if its getting filtered?
I have a new open mesh POE switch I'm trying to plug into existing 2960 so that we can plug in some OM AP's to it. I can plug in the OMS8 switch into the cisco with the cisco switchport in access mode for the vlan we want it on. I can run a IP scan and see that the switch indeed gets a DHCP lease, i can go to that ip in browser and get the admin interface (not allowed to log in ). But the switch never checks in with cloudtrax. I have 4 other AP's on the same subnet that check in fine, so i don't think content filtering (as suggested by their support) is the issue, though they say the switches check into different servers than APS. So heres the setup
OMS8------>2960----->3650-
is there a way i can search for that mac on either the 3650 or the ASA to see if its getting filtered?
Asked:
Who is Participating?
looked at the asa log, looks like i found an entry. Not sure if this is the culprit or not
ASACOB/pri/act# sh log | inc 10.2.10.53
Jan 17 2018 09:04:24: %ASA-4-106023: Deny udp src inside:10.2.10.53/8046 dst out side:129.6.15.30/123 by access-group "inside_access_in" [0x0, 0x0]
Jan 17 2018 09:04:54: %ASA-4-106023: Deny udp src inside:10.2.10.53/23755 dst ou tside:162.210.110.4/123 by access-group "inside_access_in" [0x0, 0x0]
ASACOB/pri/act# sh log | inc 10.2.10.53
Jan 17 2018 09:04:24: %ASA-4-106023: Deny udp src inside:10.2.10.53/8046 dst out side:129.6.15.30/123 by access-group "inside_access_in" [0x0, 0x0]
Jan 17 2018 09:04:54: %ASA-4-106023: Deny udp src inside:10.2.10.53/23755 dst ou tside:162.210.110.4/123 by access-group "inside_access_in" [0x0, 0x0]
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
