Re: ASA problem

From: Joe Sanchez <marco207p_at_gmail.com>
Date: Thu, 27 Sep 2012 08:44:26 -0500

I've had to upgrade many ASAs, even with 2 GB RAM, with the latest code because of issues with ASA lockups/reboots. It doesn't matter which platform, other than the 5585x; they have been solid. These ASAs were running the 8.3 and I believe 1 might have been 8.42? Several issues that Cisco tries to fix with releases that did solve the original issues but caused other issues to raise their heads.

Regards,
 Joe Sanchez

( please excuse the brevity of this email as it was sent via a mobile device. Please excuse misspelled words or sentence structure.)

On Sep 27, 2012, at 8:36 AM, Tony Singh <mothafungla_at_gmail.com> wrote:

> Will check next time it happens as Haroon suggested to see if default route is still present, was last time but might be worth some further debugging and will report back, doesn't seem a common issue at this code maybe :/
>
> --
> BR
>
> Tony
>
> Sent from my iPhone on 3
>
> On 27 Sep 2012, at 14:32, Tony Singh <mothafungla_at_gmail.com> wrote:
>
>> Sorry Joe meant latter as in RAM is 512k in reply to Jay (free memory when unit locked up showed ample free anyhow)
>>
>> Code running is 8.4.1 (post pix cli era I believe)
>>
>> --
>> BR
>>
>> Tony
>>
>> Sent from my iPhone on 3
>>
>> On 27 Sep 2012, at 13:23, Joe Sanchez <marco207p_at_gmail.com> wrote:
>>
>>> I recall lots of bugs in the 8.3 code. Mostly the ASA would lock up and reboot on occasions. Have you tried to upgrade?
>>>
>>> Regards,
>>> Joe Sanchez
>>>
>>> ( please excuse the brevity of this email as it was sent via a mobile device. Please excuse misspelled words or sentence structure.)
>>>
>>> On Sep 27, 2012, at 1:34 AM, Tony Singh <mothafungla_at_gmail.com> wrote:
>>>
>>>> Hi Jay
>>>>
>>>> Thanks for reply yes it is the latter.
>>>>
>>>> --
>>>> BR
>>>>
>>>> Sent from my iPhone on 3
>>>>
>>>> On 27 Sep 2012, at 02:02, Jay McMickle <jay.mcmickle_at_yahoo.com> wrote:
>>>>
>>>>> Tony- how much RAM is in your 5505? If 256 (standard on old ones), this could be your issue with 8.3+ IOS.
>>>>>
>>>>> If 512, disregard.
>>>>>
>>>>> Regards,
>>>>> Jay McMickle- CCIE #35355 (RS), 3x CCNP (RS,Security,Design)
>>>>> Sent from my iPhone
>>>>>
>>>>> On Sep 26, 2012, at 2:40 PM, Tony Singh <mothafungla_at_gmail.com> wrote:
>>>>>
>>>>>> Hi Haroon
>>>>>>
>>>>>> Next time it goes down will attempt your suggestion although it did have the
>>>>>> gateway of the last resort in the routing table :/
>>>>>>
>>>>>> --
>>>>>> BR
>>>>>>
>>>>>> Sent from my iPhone on 3
>>>>>>
>>>>>> On 26 Sep 2012, at 20:27, Haroon <itguy.pro_at_gmail.com> wrote:
>>>>>>
>>>>>>> what if you hard code default gateway?
>>>>>>>
>>>>>>> route outside 0.0.0.0 0.0.0.0 isp
>>>>>>>
>>>>>>> On Wed, Sep 26, 2012 at 1:27 PM, Tony Singh <mothafungla_at_gmail.com> wrote:
>>>>>>> Good Evening List,
>>>>>>>
>>>>>>> I have an issue with my ASA 5505 recently seems to be locking up and
>>>>>>> end-result is no default gateway access to my isp router and bump no
>>>>>>> internet!
>>>>>>>
>>>>>>> It's running Version 8.4(1) & is a base license...
>>>>>>>
>>>>>>> Now some t-shooting has got me nowhere, no top cpu-usage processes, enough
>>>>>>> free memory, asdm logs when it goes down nothing unusual but the usual pat
>>>>>>> translations with tcp flags i.e. syn timeout etc etc..
>>>>>>>
>>>>>>> translations showed...
>>>>>>>
>>>>>>> *ciscoasa# show xlate count *
>>>>>>> 323 in use, 583 most used
>>>>>>>
>>>>>>> tried clearing this - no good still could not ping my default gateway.....
>>>>>>>
>>>>>>> an arp showed that I could see the default gateway address
>>>>>>> (although admittedly did not try clearing this to see if it did the arp
>>>>>>> translation again)
>>>>>>>
>>>>>>> input packets from isp were stuck here, but might be down to above...
>>>>>>>
>>>>>>>
>>>>>>> ciscoasa(config-if)# sh int Vlan2
>>>>>>> Interface Vlan2 "outside", is up, line protocol is up
>>>>>>> Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec
>>>>>>> MAC address 001e.4a87.44ab, MTU 1500
>>>>>>> IP address x.x.x.x, subnet mask 255.255.254.0
>>>>>>> Traffic Statistics for "outside":
>>>>>>> *9747366 packets input*, 1919996429 bytes
>>>>>>> 14907915 packets output, 13057288639 bytes
>>>>>>> 760415 packets dropped
>>>>>>> 1 minute input rate 0 pkts/sec, 0 bytes/sec
>>>>>>> 1 minute output rate 8 pkts/sec, 464 bytes/sec
>>>>>>> 1 minute drop rate, 0 pkts/sec
>>>>>>> 5 minute input rate 0 pkts/sec, 2 bytes/sec
>>>>>>> 5 minute output rate 22 pkts/sec, 1297 bytes/sec
>>>>>>> 5 minute drop rate, 0 pkts/sec
>>>>>>>
>>>>>>> ciscoasa(config-if)# sh int Vlan2
>>>>>>> Interface Vlan2 "outside", is up, line protocol is up
>>>>>>> Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec
>>>>>>> MAC address 001e.4a87.44ab, MTU 1500
>>>>>>> IP address x.x.x.x, subnet mask 255.255.254.0
>>>>>>> Traffic Statistics for "outside":
>>>>>>> *9747366 packets input*, 1919996429 bytes
>>>>>>> 14907919 packets output, 13057288877 bytes
>>>>>>> 760415 packets dropped
>>>>>>> 1 minute input rate 0 pkts/sec, 0 bytes/sec
>>>>>>> 1 minute output rate 8 pkts/sec, 464 bytes/sec
>>>>>>> 1 minute drop rate, 0 pkts/sec
>>>>>>> 5 minute input rate 0 pkts/sec, 2 bytes/sec
>>>>>>> 5 minute output rate 22 pkts/sec, 1297 bytes/sec
>>>>>>> 5 minute drop rate, 0 pkts/sec
>>>>>>>
>>>>>>>
>>>>>>> ciscoasa(config-if)# sh int Vlan2
>>>>>>> Interface Vlan2 "outside", is up, line protocol is up
>>>>>>> Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec
>>>>>>> MAC address 001e.4a87.44ab, MTU 1500
>>>>>>> IP address x.x.x.x, subnet mask 255.255.254.0
>>>>>>> Traffic Statistics for "outside":
>>>>>>> *9747366 packets input*, 1919996429 bytes
>>>>>>> 14907920 packets output, 13057288946 bytes
>>>>>>> 760415 packets dropped
>>>>>>> 1 minute input rate 0 pkts/sec, 0 bytes/sec
>>>>>>> 1 minute output rate 8 pkts/sec, 464 bytes/sec
>>>>>>> 1 minute drop rate, 0 pkts/sec
>>>>>>> 5 minute input rate 0 pkts/sec, 2 bytes/sec
>>>>>>> 5 minute output rate 22 pkts/sec, 1297 bytes/sec
>>>>>>> 5 minute drop rate, 0 pkts/sec
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> config on the outside interface is
>>>>>>>
>>>>>>> interface Vlan2 (eth0/0)
>>>>>>> nameif outside
>>>>>>> security-level 0
>>>>>>> ip address dhcp setroute
>>>>>>>
>>>>>>>
>>>>>>> my outside interface picks up or still has the dhcpd binding from the isp
>>>>>>> and the outside svi vlan 2 pings from the asa ok...
>>>>>>>
>>>>>>> been getting tired of reloading recently, so decided to shut the vlan 2 svi
>>>>>>> down and take the dhcp config off & re-applied this and it seemed to let me
>>>>>>> ping the default gateway again...
>>>>>>>
>>>>>>> google dns 8.8.8.8 pings ok now, but xlates were showing 0 when attempting
>>>>>>> to connect from various devices and in the end had to reload the asa again.
>>>>>>>
>>>>>>> apologies for this long mail, any suggestions on what I'm doing wrong
>>>>>>>
>>>>>>>
>>>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>>>
>>>>>>> _______________________________________________________________________
>>>>>>> Subscription information may be found at:
>>>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>>>>
>>>>>>> --
>>>>>>> Virtualization.net
>>>>>>> Post Jobs, News, Forums, Tutorials
>>>>>>> http://www.virtualization.net

Received on Thu Sep 27 2012 - 08:44:26 ART
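
Added example, not part of the original thread: a Python sketch that compares successive `sh int Vlan2` snapshots like the ones quoted above and flags a direction whose packet counter is frozen while the other still advances on an interface that reports up/up. The function names are hypothetical, and the sample is constructed from the counter values in the thread, trimmed to the lines the check needs.

```python
import re

# Constructed sample: three snapshots using the counter values quoted in the
# thread, trimmed to the header and counter lines (asterisks kept as posted).
SNAPSHOTS = """\
ciscoasa(config-if)# sh int Vlan2
Interface Vlan2 "outside", is up, line protocol is up
*9747366 packets input*, 1919996429 bytes
14907915 packets output, 13057288639 bytes
760415 packets dropped
1 minute input rate 0 pkts/sec, 0 bytes/sec
ciscoasa(config-if)# sh int Vlan2
Interface Vlan2 "outside", is up, line protocol is up
*9747366 packets input*, 1919996429 bytes
14907919 packets output, 13057288877 bytes
760415 packets dropped
ciscoasa(config-if)# sh int Vlan2
Interface Vlan2 "outside", is up, line protocol is up
*9747366 packets input*, 1919996429 bytes
14907920 packets output, 13057288946 bytes
760415 packets dropped
"""

# Matches only the cumulative counters, not the "1 minute ... rate" lines.
COUNTER = re.compile(r"^\s*\*?(\d+) packets (input|output|dropped)", re.M)
UP_UP = re.compile(r"is up, line protocol is up")

def parse_snapshots(text):
    """Return one dict per 'Interface ...' block: counters plus link state."""
    snaps = []
    for chunk in re.split(r"^Interface ", text, flags=re.M)[1:]:
        snap = {kind: int(n) for n, kind in COUNTER.findall(chunk)}
        snap["up"] = bool(UP_UP.search(chunk.splitlines()[0]))
        snaps.append(snap)
    return snaps

def stalled_directions(snaps):
    """Directions whose counter did not move between the first and last
    snapshot while the link stayed up/up and the other direction did move."""
    if len(snaps) < 2 or not all(s["up"] for s in snaps):
        return []  # link flapped or nothing to compare: not this symptom
    deltas = {k: snaps[-1][k] - snaps[0][k] for k in ("input", "output")}
    if not any(deltas.values()):
        return []  # both idle: window too short to tell
    return [k for k, d in deltas.items() if d == 0]

if __name__ == "__main__":
    print(stalled_directions(parse_snapshots(SNAPSHOTS)))
```
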

This archive was generated by hypermail 2.2.0 : Mon Oct 01 2012 - 06:40:29 ART