Hi Haroon
Next time it goes down will attempt your suggestion although it did have the
gateway of the last resort in the routing table :/
-- BR Sent from my iPhone on 3 On 26 Sep 2012, at 20:27, Haroon <itguy.pro_at_gmail.com> wrote: > what if you hard code default gateway? > > route outside 0.0.0.0 0.0.0.0 isp > > On Wed, Sep 26, 2012 at 1:27 PM, Tony Singh <mothafungla_at_gmail.com> wrote: > Good Evening List, > > I have an issue with my ASA 5505 recently seems to be locking up and > end-result is no default gateway access to my isp router and bump no > internet! > > Its running Version 8.4(1) & is a base license... > > Now some t-shooting has got me no where, no top cpu-usage processes, enough > free memory , asdm logs when it goes down nothing unusual but the usual pat > translations with tcp flags i.e syn timeout etc etc.. > > translations showed... > > *ciscoasa# show xlate count * > 323 in use, 583 most used > > tried clearing this - no good still could not ping my default gateway..... > > an arp showed that I could see the default gateway address > (although admittedly did not try clearing this to see if it did the arp > translation again) > > input packets from isp were stuck here, but might be down to above... > > > ciscoasa(config-if)# sh int Vlan2 > Interface Vlan2 "outside", is up, line protocol is up > Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec > MAC address 001e.4a87.44ab, MTU 1500 > IP address x.x.x.x, subnet mask 255.255.254.0 > Traffic Statistics for "outside": > *9747366 packets input*, 1919996429 bytes > 14907915 packets output, 13057288639 bytes > 760415 packets dropped > 1 minute input rate 0 pkts/sec, 0 bytes/sec > 1 minute output rate 8 pkts/sec, 464 bytes/sec > 1 minute drop rate, 0 pkts/sec > 5 minute input rate 0 pkts/sec, 2 bytes/sec > 5 minute output rate 22 pkts/sec, 1297 bytes/sec > 5 minute drop rate, 0 pkts/sec > > ciscoasa(config-if)# sh int Vlan2 > Interface Vlan2 "outside", is up, line protocol is up > Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec > MAC address 001e.4a87.44ab, MTU 1500 > IP address x.x.x.x, subnet mask 255.255.254.0 > Traffic Statistics for "outside": > *9747366 packets input*, 1919996429 bytes > 14907919 packets output, 13057288877 bytes > 760415 packets dropped > 1 minute input rate 0 pkts/sec, 0 bytes/sec > 1 minute output rate 8 pkts/sec, 464 bytes/sec > 1 minute drop rate, 0 pkts/sec > 5 minute input rate 0 pkts/sec, 2 bytes/sec > 5 minute output rate 22 pkts/sec, 1297 bytes/sec > 5 minute drop rate, 0 pkts/sec > > > ciscoasa(config-if)# sh int Vlan2 > Interface Vlan2 "outside", is up, line protocol is up > Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec > MAC address 001e.4a87.44ab, MTU 1500 > IP address x.x.x.x, subnet mask 255.255.254.0 > Traffic Statistics for "outside": > *9747366 packets input*, 1919996429 bytes > 14907920 packets output, 13057288946 bytes > 760415 packets dropped > 1 minute input rate 0 pkts/sec, 0 bytes/sec > 1 minute output rate 8 pkts/sec, 464 bytes/sec > 1 minute drop rate, 0 pkts/sec > 5 minute input rate 0 pkts/sec, 2 bytes/sec > 5 minute output rate 22 pkts/sec, 1297 bytes/sec > 5 minute drop rate, 0 pkts/sec > > > > config on the outside interface is > > interface Vlan2 (eth0/0) > nameif outside > security-level 0 > ip address dhcp setroute > > > my outside interface picks up or still has the dhcpd binding from the isp > and the outside svi vlan 2 pings from the asa ok... > > been getting tired of reloading recently, so decided to shut the vlan 2 svi > down and take the dhcp config off & re-applied this and it seemed to let me > ping the default gateway again... > > google dns 8.8.8.8 pings ok now, but xlates were showing 0 when attempting > to connect from various devices and in the end had to reload the asa again. > > apologies for this long mail, any suggestions on what im doing wrong > > > Blogs and organic groups at http://www.ccie.net > > _______________________________________________________________________ > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html > > > > > > > > > > > -- > Virtualization.net > Post Jobs, News, Forums, Tutorials > http://www.virtualization.net Blogs and organic groups at http://www.ccie.netReceived on Wed Sep 26 2012 - 20:40:06 ART
This archive was generated by hypermail 2.2.0 : Mon Oct 01 2012 - 06:40:29 ART