[c-nsp] ASA 5505 stops servicing inbound connections
Ryan West
rwest at zyedge.com
Tue Aug 11 16:44:12 EDT 2009
Is this on 8.2.x or 8.0? I'm making an assumption that it's not a 5580-SMP. If it is 8.2.x, you may not have enough memory, our test FW is having similar issues with 8.2.1(3). I just ordered some "Cisco compatible" RAM (Kingston Value Select) to help out with it.
-ryan
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Holemans Wim
Sent: Tuesday, August 11, 2009 4:36 PM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] ASA 5505 stops servicing inbound connections
Look in the log files for the following error :
<160>Aug 01 2009 15:29:49: %ASA-0-716528: Unexpected fiber scheduler error; possible out-of-memory condition
This kills our asa's (running version 8) on a regular basis (once a month), reload is the only way to resolve this. We have a case open for this, but without any good respons from cisco yet.
Wim Holemans
Network Services
University of Antwerp
-----Oorspronkelijk bericht-----
Van: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] Namens Meenoo Shivdasani
Verzonden: dinsdag 11 augustus 2009 22:07
Aan: Tillinger, Steve
CC: cisco-nsp at puck.nether.net
Onderwerp: Re: [c-nsp] ASA 5505 stops servicing inbound connections
On Tue, Aug 11, 2009 at 2:44 PM, Tillinger,
Steve<steve.tillinger at sourcemedia.com> wrote:
> Have you tried "sh local" ? That should tell you if you're hitting the
> 10 user limit.
"Detected interface 'outside' as the Internet interface. Host limit
applies to all other interfaces.
Current host count: 2, towards licensed host limit of: 10
Interface dmz: 2 active, 2 maximum active, 0 denied"
The connections that get dropped are hitting the outside interface.
Also, the firewall is non-responsive to remote login via SSH or ASDM
when this happens.
M
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list