f



cisco ASA 5520 crashes with 7.1(2) and 7.2(1)

Hello,

I recently installed a cisco ASA 5520 with an IPS module.  I have tried
with 7.1(2) and now upgraded to 7.2(1).   What happens is that the
firewall works fine for a short amount of time, and then reboots
itself.  The time can be anywhere from 5 minutes to an hour.  I had to
take it out of service and put in our old firewall (a 525).
Just before the ASA5520 reboots itself, it dumps its configuration to
the screen, and then is followed by several lines of "not enough memory
to perform show command" - then the unit reboots.   During the time
that it is up, it functions normally however.

Has anyone else had this problem?

Thank you.
Zach

0
6/13/2006 3:01:37 PM
comp.dcom.sys.cisco 25313 articles. 0 followers. Post Follow

3 Replies
940 Views

Similar Articles

[PageSpeed] 40

networksecurity wrote:
> Hello,
>
> I recently installed a cisco ASA 5520 with an IPS module.  I have tried
> with 7.1(2) and now upgraded to 7.2(1).   What happens is that the
> firewall works fine for a short amount of time, and then reboots
> itself.  The time can be anywhere from 5 minutes to an hour.  I had to
> take it out of service and put in our old firewall (a 525).
> Just before the ASA5520 reboots itself, it dumps its configuration to
> the screen, and then is followed by several lines of "not enough memory
> to perform show command" - then the unit reboots.   During the time
> that it is up, it functions normally however.
>
> Has anyone else had this problem?
>
> Thank you.
> Zach

I recently had a similar problem with 7.1.2 on a 525.  I upgraded to
7.1.2 from 7.0.4.  Roughly every 4 hours after that it would
mysteriously reboot.  The cause was a bug in the "inspect http" code.
The official bug is CSCsd72617.

http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCsd72617&Submit=Search

If you don't need "inspect http" then remove it and try the new code
again.  

J

0
J
6/13/2006 6:02:09 PM
J wrote:
> networksecurity wrote:
> > Hello,
> >
> > I recently installed a cisco ASA 5520 with an IPS module.  I have tried
> > with 7.1(2) and now upgraded to 7.2(1).   What happens is that the
> > firewall works fine for a short amount of time, and then reboots
> > itself.  The time can be anywhere from 5 minutes to an hour.  I had to
> > take it out of service and put in our old firewall (a 525).
> > Just before the ASA5520 reboots itself, it dumps its configuration to
> > the screen, and then is followed by several lines of "not enough memory
> > to perform show command" - then the unit reboots.

> I recently had a similar problem with 7.1.2 on a 525.  I upgraded to
> 7.1.2 from 7.0.4.  Roughly every 4 hours after that it would
> mysteriously reboot.  The cause was a bug in the "inspect http" code.
> The official bug is CSCsd72617.
>
> http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCsd72617&Submit=Search

I am not a pix wizard however IIRC it has a similar show mem
command to IOS.

If so and you suspect a memory leak (as I do) then you
may be able to track down the offending process and
as described by a previous poster turn that facility off
as a possible workaround.

0
anybody43
6/13/2006 7:33:00 PM
Search Cisco release notes for the software version you have . I am
well aware of inspect http, but it only affects POST method in 7.1(2).
Personally, I think 7.0(4) is the most stable release to this date.
If you have Cisco ID and an active SmartNet or warranty I'd suggest
contacting Cisco TAC to request support.
Best,
BA
anybody43@hotmail.com wrote:
> J wrote:
> > networksecurity wrote:
> > > Hello,
> > >
> > > I recently installed a cisco ASA 5520 with an IPS module.  I have tried
> > > with 7.1(2) and now upgraded to 7.2(1).   What happens is that the
> > > firewall works fine for a short amount of time, and then reboots
> > > itself.  The time can be anywhere from 5 minutes to an hour.  I had to
> > > take it out of service and put in our old firewall (a 525).
> > > Just before the ASA5520 reboots itself, it dumps its configuration to
> > > the screen, and then is followed by several lines of "not enough memory
> > > to perform show command" - then the unit reboots.
>
> > I recently had a similar problem with 7.1.2 on a 525.  I upgraded to
> > 7.1.2 from 7.0.4.  Roughly every 4 hours after that it would
> > mysteriously reboot.  The cause was a bug in the "inspect http" code.
> > The official bug is CSCsd72617.
> >
> > http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCsd72617&Submit=Search
>
> I am not a pix wizard however IIRC it has a similar show mem
> command to IOS.
>
> If so and you suspect a memory leak (as I do) then you
> may be able to track down the offending process and
> as described by a previous poster turn that facility off
> as a possible workaround.

0
boris
6/14/2006 3:24:49 AM
Reply: