Tony- how much RAM is in your 5505? If 256 (standard on old ones), this could be your issue with 8.3+ IOS.
If 512, disregard.
Regards,
Jay McMickle- CCIE #35355 (RS), 3x CCNP (RS,Security,Design)
Sent from my iPhone
On Sep 26, 2012, at 2:40 PM, Tony Singh <mothafungla_at_gmail.com> wrote:
> Hi Haroon
>
> Next time it goes down will attempt your suggestion although it did have the
> gateway of the last resort in the routing table :/
>
> --
> BR
>
> Sent from my iPhone on 3
>
> On 26 Sep 2012, at 20:27, Haroon <itguy.pro_at_gmail.com> wrote:
>
>> what if you hard code default gateway?
>>
>> route outside 0.0.0.0 0.0.0.0 isp
>>
>> On Wed, Sep 26, 2012 at 1:27 PM, Tony Singh <mothafungla_at_gmail.com> wrote:
>> Good Evening List,
>>
>> I have an issue with my ASA 5505 recently seems to be locking up and
>> end-result is no default gateway access to my isp router and bump no
>> internet!
>>
>> Its running Version 8.4(1) & is a base license...
>>
>> Now some t-shooting has got me no where, no top cpu-usage processes, enough
>> free memory , asdm logs when it goes down nothing unusual but the usual pat
>> translations with tcp flags i.e syn timeout etc etc..
>>
>> translations showed...
>>
>> *ciscoasa# show xlate count *
>> 323 in use, 583 most used
>>
>> tried clearing this - no good still could not ping my default gateway.....
>>
>> an arp showed that I could see the default gateway address
>> (although admittedly did not try clearing this to see if it did the arp
>> translation again)
>>
>> input packets from isp were stuck here, but might be down to above...
>>
>>
>> ciscoasa(config-if)# sh int Vlan2
>> Interface Vlan2 "outside", is up, line protocol is up
>> Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec
>> MAC address 001e.4a87.44ab, MTU 1500
>> IP address x.x.x.x, subnet mask 255.255.254.0
>> Traffic Statistics for "outside":
>> *9747366 packets input*, 1919996429 bytes
>> 14907915 packets output, 13057288639 bytes
>> 760415 packets dropped
>> 1 minute input rate 0 pkts/sec, 0 bytes/sec
>> 1 minute output rate 8 pkts/sec, 464 bytes/sec
>> 1 minute drop rate, 0 pkts/sec
>> 5 minute input rate 0 pkts/sec, 2 bytes/sec
>> 5 minute output rate 22 pkts/sec, 1297 bytes/sec
>> 5 minute drop rate, 0 pkts/sec
>>
>> ciscoasa(config-if)# sh int Vlan2
>> Interface Vlan2 "outside", is up, line protocol is up
>> Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec
>> MAC address 001e.4a87.44ab, MTU 1500
>> IP address x.x.x.x, subnet mask 255.255.254.0
>> Traffic Statistics for "outside":
>> *9747366 packets input*, 1919996429 bytes
>> 14907919 packets output, 13057288877 bytes
>> 760415 packets dropped
>> 1 minute input rate 0 pkts/sec, 0 bytes/sec
>> 1 minute output rate 8 pkts/sec, 464 bytes/sec
>> 1 minute drop rate, 0 pkts/sec
>> 5 minute input rate 0 pkts/sec, 2 bytes/sec
>> 5 minute output rate 22 pkts/sec, 1297 bytes/sec
>> 5 minute drop rate, 0 pkts/sec
>>
>>
>> ciscoasa(config-if)# sh int Vlan2
>> Interface Vlan2 "outside", is up, line protocol is up
>> Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec
>> MAC address 001e.4a87.44ab, MTU 1500
>> IP address x.x.x.x, subnet mask 255.255.254.0
>> Traffic Statistics for "outside":
>> *9747366 packets input*, 1919996429 bytes
>> 14907920 packets output, 13057288946 bytes
>> 760415 packets dropped
>> 1 minute input rate 0 pkts/sec, 0 bytes/sec
>> 1 minute output rate 8 pkts/sec, 464 bytes/sec
>> 1 minute drop rate, 0 pkts/sec
>> 5 minute input rate 0 pkts/sec, 2 bytes/sec
>> 5 minute output rate 22 pkts/sec, 1297 bytes/sec
>> 5 minute drop rate, 0 pkts/sec
>>
>>
>>
>> config on the outside interface is
>>
>> interface Vlan2 (eth0/0)
>> nameif outside
>> security-level 0
>> ip address dhcp setroute
>>
>>
>> my outside interface picks up or still has the dhcpd binding from the isp
>> and the outside svi vlan 2 pings from the asa ok...
>>
>> been getting tired of reloading recently, so decided to shut the vlan 2 svi
>> down and take the dhcp config off & re-applied this and it seemed to let me
>> ping the default gateway again...
>>
>> google dns 8.8.8.8 pings ok now, but xlates were showing 0 when attempting
>> to connect from various devices and in the end had to reload the asa again.
>>
>> apologies for this long mail, any suggestions on what im doing wrong
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> --
>> Virtualization.net
>> Post Jobs, News, Forums, Tutorials
>> http://www.virtualization.net
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Wed Sep 26 2012 - 20:02:44 ART
This archive was generated by hypermail 2.2.0 : Mon Oct 01 2012 - 06:40:29 ART