https://community.cisco.com/t5/network-security/pix-crashing-with-no-crashinfo-file/m-p/1296903#M780320 <P>I have this problem that I am hoping someone can help me with:</P><P></P><P>Pix 515 (R) with 64M RAM and 16MF running 7.2(3). I have outside and inside interface.</P><P></P><P>Configuration is very simple I have a Linux host behind inside interface with </P><P>an IP address of 192.168.6.10/24 and be NAT'ed as follows: </P><P></P><P>static (inside,outside) 4.2.2.2 192.168.6.10 netmask 255.255.255.255</P><P></P><P>I have web server on the outside interface with an IP address of 4.2.2.10</P><P></P><P>inside interface IP address: 192.168.6.1/24</P><P>outside interface IP address: 4.2.2.1/24</P><P></P><P>On the Linux host, I run a program called "nkiller2" that can generate thousands </P><P>thousands of http connections to hit the web server.</P><P></P><P>When I start this program, I send about 20,000 http connections through the Pix515.</P><P>Using "show conn count", I saw that when the connection reaches about 10,000 connections,</P><P>the firewall goes into reboot. After the reboot, there is NO crashinfo in the flash </P><P>(verified with show flash:). In the flash, I have nothing except pix723.bin file so there</P><P>are plenty of spaces on the flash for crashinfo file.</P><P></P><P>Issue with this Pix is that I can NOT upgrade to version 8.0(4) or download to 7.0(8)</P><P>because the pix will reboot everything 5 minutes. With version 7.2(3), it is stable until</P><P>the connection goes over 10k connections.</P><P></P><P>Has anyone seen this before? Thanks.</P> Mon, 11 Mar 2019 16:24:10 GMT cisco24x7 2019-03-11T16:24:10Z https://community.cisco.com/t5/network-security/pix-crashing-with-no-crashinfo-file/m-p/1296903#M780320 <P>I have this problem that I am hoping someone can help me with:</P><P></P><P>Pix 515 (R) with 64M RAM and 16MF running 7.2(3). I have outside and inside interface.</P><P></P><P>Configuration is very simple I have a Linux host behind inside interface with </P><P>an IP address of 192.168.6.10/24 and be NAT'ed as follows: </P><P></P><P>static (inside,outside) 4.2.2.2 192.168.6.10 netmask 255.255.255.255</P><P></P><P>I have web server on the outside interface with an IP address of 4.2.2.10</P><P></P><P>inside interface IP address: 192.168.6.1/24</P><P>outside interface IP address: 4.2.2.1/24</P><P></P><P>On the Linux host, I run a program called "nkiller2" that can generate thousands </P><P>thousands of http connections to hit the web server.</P><P></P><P>When I start this program, I send about 20,000 http connections through the Pix515.</P><P>Using "show conn count", I saw that when the connection reaches about 10,000 connections,</P><P>the firewall goes into reboot. After the reboot, there is NO crashinfo in the flash </P><P>(verified with show flash:). In the flash, I have nothing except pix723.bin file so there</P><P>are plenty of spaces on the flash for crashinfo file.</P><P></P><P>Issue with this Pix is that I can NOT upgrade to version 8.0(4) or download to 7.0(8)</P><P>because the pix will reboot everything 5 minutes. With version 7.2(3), it is stable until</P><P>the connection goes over 10k connections.</P><P></P><P>Has anyone seen this before? Thanks.</P> Mon, 11 Mar 2019 16:24:10 GMT https://community.cisco.com/t5/network-security/pix-crashing-with-no-crashinfo-file/m-p/1296903#M780320 cisco24x7 2019-03-11T16:24:10Z https://community.cisco.com/t5/network-security/pix-crashing-with-no-crashinfo-file/m-p/1296904#M780333 <HTML><HEAD></HEAD><BODY><P>Did you issue "sh crash"? If there is no crash file found, then you need to connect the console and watch what the console prints.</P><P></P><P>what does "sh run logg" say? Do you have console logging enabled may be debug level. If so pls. disable that. How about http inspection is that enabled? If the connections do get established then, inspection will kick in.</P><P></P><P>I suggest that you open a TAC case and work with an engineer.</P></BODY></HTML> Wed, 07 Oct 2009 23:06:48 GMT https://community.cisco.com/t5/network-security/pix-crashing-with-no-crashinfo-file/m-p/1296904#M780333 Kureli Sankar 2009-10-07T23:06:48Z