[c-nsp] 1841 bugs?

Michael Malitsky malitsky at netabn.com
Thu Apr 24 13:04:48 EDT 2008


Hello,

I am curious if anyone is experiencing bugs with the 1841 platform?  In
our case it's acting as a firewall, and terminating 5 IPSEC tunnels.
Also routing between several VLANs.  No dynamic routing protocols.
Remote access via SSH.  It seems that we are getting a bunch of error
messages in the logs generated by the CRYPTO engine.  The worst part is
that any changes I try to make remotely cause the router to crash (crash
means router completely unresponsive, even at console, and requires a
reboot).  As an example, here's the last change that caused a crash:
access-list 140 permit ip host 192.168.1.59 host 172.29.1.104
where access-list 140 has not been previously defined.
Making changes from the console is a bit more predictable, but has also
caused crashes.  I am afraid to turn on debugging of any sort, with it
being so unstable.

I don't see the router low on memory, nor very high on CPU utilization.
Traffic levels are a few Mb at most.
We've tried IOS versions 12.4(3), 12.4(19), and 12.4(18a) - the last one
was a suggestion from TAC.  All are Advanced Security versions, all show
same instability.

Am I correct that this router is not really meant to do all this, and we
should put an ASA in it's place, or am I missing something?

Thanks for any suggestions,
Michael


More information about the cisco-nsp mailing list