[c-nsp] ASA5510 Code
Matt Carter
matt at iseek.com.au
Mon Jan 28 13:29:11 EST 2008
>
> would love to know what bugs you;ve encountered so far?
>
> As im testing this in lab right now, and so far all has been good
my experience has been from stable PIX environment to what i would consider
to be unstable ASA environment. on a trial deployment with the intention of
phasing out various deployed PIX (nothing spectacular in terms of conf,
firewall with a few spokes, acl's and inpsects, no ipsec/vpn) and within a
short time we have discovered some rather problematic inspect bugs then soon
after that crashing on 7.2(2), but no crash file written due to another
bug.. went to 7.2(3) which was reasonably new at the time, within a week or
so both my primary and secondary asa had crashed and rebooted a couple of
times, with a crash file at least..
i still am awaiting a fix for this bug CSCsl89317, case was opened in nov
'07 but as you can see the details on the bug are still sketchy at best.
CSCsl89317 Status Open Severity 2 1st Found-In 7.2(3)
ASA 7.2.3 crash Thread Name: Dispatch Unit (Old pc 0x00223a67 ebp 0x018b
ASA 7.2.3 Crash Thread Name: Dispatch Unit (Old pc 0x00223a67 ebp0x018b0a90)
ASA 7.2.3:
Workaround:
None
nice eh
less than impressed with the ASA (and cisco's response to addressing issues)
at this point in time..
when you've come from rock solid PIX deployments to crashing "high
availability" clusters it doesn't wash too well..
... maybe i've just had an unlucky experience ...
--matt
More information about the cisco-nsp
mailing list