0

We have a cisco asa 5505 that's new (in service for about 2 months) running 7.2(4) software. Every day around 10a it locks up for approx 10 minutes. We're monitoring it via snmp with stg, and snmp doesn't respond during that time. There's no output in the 'show crash' output. Internet connectivity is also dropped. Wondering if anyone else has seen this and what the fix might be. Currently we're looking at upgrading software, but will need memory upgrade for that.

We've forced the speed and duplex on the internal and external interfaces, but the problem is still occurring. It's connected on the internal lan to a netgear 724 gige switch.

user9517
  • 115,471
  • 20
  • 215
  • 297

2 Answers2

1

I would upgrade your ASA to the latest version 8.3(x) and see if that takes care of your lockups.

Edited to add:

You can safely move to the 8.0(x) version of the software without upgrading your memory. I believe that starting with 8.2(x) you'll have to actually upgrade the memory. You can research the readme's to see if they have anything about your lockup issue: http://www.cisco.com/en/US/products/ps6120/prod_release_notes_list.html

GregD
  • 8,713
  • 1
  • 24
  • 36
  • Thanks, my only concern is we only have 128M flash / 256M ram, so we might be restricted as to what we can upgrade to without adding significantly more ram. –  Mar 29 '10 at 15:26
  • Upgraded software to 8.0.5, problem still occurs. –  Mar 30 '10 at 15:46
0

attach a network sniffer like wireshark, and monitor your firewall connections with this.

if you loosing layer 3 connectivity to the firewall, then you will loose snmp, consider a termnial server hooked up to the console port.

do you asa logs record anything strange?

you may have a layer 2 loop in your network too, so check for stp enabled.

can you tell me more about your topology.

what happens at 10am?

The Unix Janitor
  • 2,458
  • 15
  • 13