[c-nsp] ASA VPN Tunnels

Andy Ellsworth andy at dar.net
Sat Dec 29 12:22:52 EST 2012


So the customer's DSL modem is doing routing rather than bridging - any
chance it's also providing some kind of stateful firewall behavior?
Wondering if it could be timing out/closing the session passing through it.
If the DSL modem has stateful packet inspection, perhaps it can be turned
off.

Regardless, packet captures are your friend. Run a capture on the client
ASA and get a mirrored capture on the RA gateway ASA, load them both up
side by side in Wireshark, and see what is happening to your session.

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a0080a9edd6.shtml




On Fri, Dec 28, 2012 at 4:53 PM, Alan Buxey <A.L.M.Buxey at lboro.ac.uk> wrote:

> Given that same setup elsewhere is working then this problem is local. The
> world isn't ideal. I would suggest its an L1 or L2 issue with this
> customers line or broadband modem. Maybe line issues and renegotiation of
> the link or faulty modem. Get the line checked/measured/conditioned and/or
> the modem swapped out.
>
> alan
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


More information about the cisco-nsp mailing list