It's the image it shipped with but hear you.
Thanks for the advice.
-- BR Tony Sent from my iPhone on 3 On 27 Sep 2012, at 15:45, Ryan West <rwest_at_zyedge.com> wrote: > I've had the best luck with 8.2(5)26 or 29. Since you're already in NAT hell, I would run 8.4.4.1. Running first release new train code is just asking for trouble IMO. > > Sent from handheld > > On Sep 27, 2012, at 10:06 AM, "Tony Singh" <mothafungla_at_gmail.com> wrote: > >> Here's my hunch it seems to happen when I'm on my laptop with a lot of tcp sessions i.e tabs on chrome... >> >> Same kind of thing used to happen on other vender all in one wifi routers...until upgrading to code that fixed the issues so I hear you... >> >> Ryan my eyes are hurting with that list wa wa we wa (borat) >> >> What do you guys recommend as a stable code /if >> >> Thanks both for the help >> >> -- >> BR >> >> Tony >> >> Sent from my iPhone on 3 >> >> On 27 Sep 2012, at 14:48, Ryan West <rwest_at_zyedge.com> wrote: >> >>> I would agree with Joe here. Here is the 8.4 caveat list: >>> >>> http://www.cisco.com/en/US/docs/security/asa/asa84/release/notes/asarn84.html#wp536788 >>> >>> -ryan >>> >>> -----Original Message----- >>> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Joe Sanchez >>> Sent: Thursday, September 27, 2012 9:44 AM >>> To: Tony Singh >>> Cc: Jay McMickle; Haroon; Ciscocertification >>> Subject: Re: ASA problem >>> >>> I've had to upgrade many ASA's even with 2gb ram, with the latest code because of issues with ASA lockups/reboots it doesn't matter which platform other then the 5585x they have been solid. These ASA were running the 8.3 and I believe 1 might have been 8.42? Several issues that Cisco tries to fix with releases that did solve the original issues but caused other issues to raise there heads. >>> >>> Regards, >>> Joe Sanchez >>> >>> ( please excuse the brevity of this email as it was sent via a mobile device. Please excuse misspelled words or sentence structure.) >>> >>> On Sep 27, 2012, at 8:36 AM, Tony Singh <mothafungla_at_gmail.com> wrote: >>> >>>> Will check next time it happens as Haroon suggested to see if default >>>> route is still present, was last time but might be worth some further >>>> debugging and will report back, doesn't seem a common issue at this >>>> code maybe :/ >>>> >>>> -- >>>> BR >>>> >>>> Tony >>>> >>>> Sent from my iPhone on 3 >>>> >>>> On 27 Sep 2012, at 14:32, Tony Singh <mothafungla_at_gmail.com> wrote: >>>> >>>>> Sorry Joe meant latter as in RAM is 512k in reply to Jay (free memory >>>>> when unit locked up showed ample free anyhow) >>>>> >>>>> Code running is 8.4.1 (post pix cli era I believe) >>>>> >>>>> -- >>>>> BR >>>>> >>>>> Tony >>>>> >>>>> Sent from my iPhone on 3 >>>>> >>>>> On 27 Sep 2012, at 13:23, Joe Sanchez <marco207p_at_gmail.com> wrote: >>>>> >>>>>> I recall lots of bugs in the 8.3 code . Mostly the ASA would lock up and reboot on occasions . Have you tried to upgrade? >>>>>> >>>>>> Regards, >>>>>> Joe Sanchez >>>>>> >>>>>> ( please excuse the brevity of this email as it was sent via a >>>>>> mobile device. Please excuse misspelled words or sentence >>>>>> structure.) >>>>>> >>>>>> On Sep 27, 2012, at 1:34 AM, Tony Singh <mothafungla_at_gmail.com> wrote: >>>>>> >>>>>>> Hi Jay >>>>>>> >>>>>>> Thanks for reply yes it is the latter. >>>>>>> >>>>>>> -- >>>>>>> BR >>>>>>> >>>>>>> Sent from my iPhone on 3 >>>>>>> >>>>>>> On 27 Sep 2012, at 02:02, Jay McMickle <jay.mcmickle_at_yahoo.com> wrote: >>>>>>> >>>>>>>> Tony- how much RAM is in your 5505? If 256 (standard on old ones), this could be your issue with 8.3+ IOS. >>>>>>>> >>>>>>>> If 512, disregard. >>>>>>>> >>>>>>>> Regards, >>>>>>>> Jay McMickle- CCIE #35355 (RS), 3x CCNP (RS,Security,Design) Sent >>>>>>>> from my iPhone >>>>>>>> >>>>>>>> On Sep 26, 2012, at 2:40 PM, Tony Singh <mothafungla_at_gmail.com> wrote: >>>>>>>> >>>>>>>>> Hi Haroon >>>>>>>>> >>>>>>>>> Next time it goes down will attempt your suggestion although it >>>>>>>>> did have the gateway of the last resort in the routing table :/ >>>>>>>>> >>>>>>>>> -- >>>>>>>>> BR >>>>>>>>> >>>>>>>>> Sent from my iPhone on 3 >>>>>>>>> >>>>>>>>> On 26 Sep 2012, at 20:27, Haroon <itguy.pro_at_gmail.com> wrote: >>>>>>>>> >>>>>>>>>> what if you hard code default gateway? >>>>>>>>>> >>>>>>>>>> route outside 0.0.0.0 0.0.0.0 isp >>>>>>>>>> >>>>>>>>>> On Wed, Sep 26, 2012 at 1:27 PM, Tony Singh <mothafungla_at_gmail.com> wrote: >>>>>>>>>> Good Evening List, >>>>>>>>>> >>>>>>>>>> I have an issue with my ASA 5505 recently seems to be locking up >>>>>>>>>> and end-result is no default gateway access to my isp router and >>>>>>>>>> bump no internet! >>>>>>>>>> >>>>>>>>>> Its running Version 8.4(1) & is a base license... >>>>>>>>>> >>>>>>>>>> Now some t-shooting has got me no where, no top cpu-usage >>>>>>>>>> processes, enough free memory , asdm logs when it goes down >>>>>>>>>> nothing unusual but the usual pat translations with tcp flags i.e syn timeout etc etc.. >>>>>>>>>> >>>>>>>>>> translations showed... >>>>>>>>>> >>>>>>>>>> *ciscoasa# show xlate count * >>>>>>>>>> 323 in use, 583 most used >>>>>>>>>> >>>>>>>>>> tried clearing this - no good still could not ping my default gateway..... >>>>>>>>>> >>>>>>>>>> an arp showed that I could see the default gateway address >>>>>>>>>> (although admittedly did not try clearing this to see if it did >>>>>>>>>> the arp translation again) >>>>>>>>>> >>>>>>>>>> input packets from isp were stuck here, but might be down to above... >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> ciscoasa(config-if)# sh int Vlan2 Interface Vlan2 "outside", is >>>>>>>>>> up, line protocol is up Hardware is EtherSVI, BW 100 Mbps, DLY >>>>>>>>>> 100 usec >>>>>>>>>> MAC address 001e.4a87.44ab, MTU 1500 >>>>>>>>>> IP address x.x.x.x, subnet mask 255.255.254.0 Traffic >>>>>>>>>> Statistics for "outside": >>>>>>>>>> *9747366 packets input*, 1919996429 bytes >>>>>>>>>> 14907915 packets output, 13057288639 bytes >>>>>>>>>> 760415 packets dropped >>>>>>>>>> 1 minute input rate 0 pkts/sec, 0 bytes/sec >>>>>>>>>> 1 minute output rate 8 pkts/sec, 464 bytes/sec >>>>>>>>>> 1 minute drop rate, 0 pkts/sec >>>>>>>>>> 5 minute input rate 0 pkts/sec, 2 bytes/sec >>>>>>>>>> 5 minute output rate 22 pkts/sec, 1297 bytes/sec >>>>>>>>>> 5 minute drop rate, 0 pkts/sec >>>>>>>>>> >>>>>>>>>> ciscoasa(config-if)# sh int Vlan2 Interface Vlan2 "outside", is >>>>>>>>>> up, line protocol is up Hardware is EtherSVI, BW 100 Mbps, DLY >>>>>>>>>> 100 usec >>>>>>>>>> MAC address 001e.4a87.44ab, MTU 1500 >>>>>>>>>> IP address x.x.x.x, subnet mask 255.255.254.0 Traffic >>>>>>>>>> Statistics for "outside": >>>>>>>>>> *9747366 packets input*, 1919996429 bytes >>>>>>>>>> 14907919 packets output, 13057288877 bytes >>>>>>>>>> 760415 packets dropped >>>>>>>>>> 1 minute input rate 0 pkts/sec, 0 bytes/sec >>>>>>>>>> 1 minute output rate 8 pkts/sec, 464 bytes/sec >>>>>>>>>> 1 minute drop rate, 0 pkts/sec >>>>>>>>>> 5 minute input rate 0 pkts/sec, 2 bytes/sec >>>>>>>>>> 5 minute output rate 22 pkts/sec, 1297 bytes/sec >>>>>>>>>> 5 minute drop rate, 0 pkts/sec >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> ciscoasa(config-if)# sh int Vlan2 Interface Vlan2 "outside", is >>>>>>>>>> up, line protocol is up Hardware is EtherSVI, BW 100 Mbps, DLY >>>>>>>>>> 100 usec >>>>>>>>>> MAC address 001e.4a87.44ab, MTU 1500 >>>>>>>>>> IP address x.x.x.x, subnet mask 255.255.254.0 Traffic >>>>>>>>>> Statistics for "outside": >>>>>>>>>> *9747366 packets input*, 1919996429 bytes >>>>>>>>>> 14907920 packets output, 13057288946 bytes >>>>>>>>>> 760415 packets dropped >>>>>>>>>> 1 minute input rate 0 pkts/sec, 0 bytes/sec >>>>>>>>>> 1 minute output rate 8 pkts/sec, 464 bytes/sec >>>>>>>>>> 1 minute drop rate, 0 pkts/sec >>>>>>>>>> 5 minute input rate 0 pkts/sec, 2 bytes/sec >>>>>>>>>> 5 minute output rate 22 pkts/sec, 1297 bytes/sec >>>>>>>>>> 5 minute drop rate, 0 pkts/sec >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> config on the outside interface is >>>>>>>>>> >>>>>>>>>> interface Vlan2 (eth0/0) >>>>>>>>>> nameif outside >>>>>>>>>> security-level 0 >>>>>>>>>> ip address dhcp setroute >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> my outside interface picks up or still has the dhcpd binding >>>>>>>>>> from the isp and the outside svi vlan 2 pings from the asa ok... >>>>>>>>>> >>>>>>>>>> been getting tired of reloading recently, so decided to shut the >>>>>>>>>> vlan 2 svi down and take the dhcp config off & re-applied this >>>>>>>>>> and it seemed to let me ping the default gateway again... >>>>>>>>>> >>>>>>>>>> google dns 8.8.8.8 pings ok now, but xlates were showing 0 when >>>>>>>>>> attempting to connect from various devices and in the end had to reload the asa again. >>>>>>>>>> >>>>>>>>>> apologies for this long mail, any suggestions on what im doing >>>>>>>>>> wrong >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Blogs and organic groups at http://www.ccie.net >>>>>>>>>> >>>>>>>>>> ________________________________________________________________ >>>>>>>>>> _______ Subscription information may be found at: >>>>>>>>>> http://www.groupstudy.com/list/CCIELab.html >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> Virtualization.net >>>>>>>>>> Post Jobs, News, Forums, Tutorials http://www.virtualization.net >>>>>>>>> >>>>>>>>> >>>>>>>>> Blogs and organic groups at http://www.ccie.net >>>>>>>>> >>>>>>>>> _______________________________________________________________________ >>>>>>>>> Subscription information may be found at: >>>>>>>>> http://www.groupstudy.com/list/CCIELab.html >>>>>>> >>>>>>> >>>>>>> Blogs and organic groups at http://www.ccie.net >>>>>>> >>>>>>> _______________________________________________________________________ >>>>>>> Subscription information may be found at: >>>>>>> http://www.groupstudy.com/list/CCIELab.html >>> >>> >>> Blogs and organic groups at http://www.ccie.net >>> >>> _______________________________________________________________________ >>> Subscription information may be found at: >>> http://www.groupstudy.com/list/CCIELab.html Blogs and organic groups at http://www.ccie.netReceived on Thu Sep 27 2012 - 15:53:32 ART
This archive was generated by hypermail 2.2.0 : Mon Oct 01 2012 - 06:40:29 ART