cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10041
Views
0
Helpful
12
Replies

ASA 5520 Crash

m.scaranello
Level 1
Level 1

Hello everybody,

I have a serious problem with my corporate firewall, witch is an ASA 5520, fv 8.3, with 8 +1 interfaces.

It suddenly started to crash every 10/20 minutes and rebooting alone.

First of all I checked system resources witch are in a very low usage state.

I also checked interfaces errors, but nothing strange come out o from error counters analisys.

I tried disabling logging and all the service policy rules configured, but nothing changed.

Nothing changed and firewal continue restarting by himself.


Last logs I received before crash were:

%ASA-4-711004: Task ran for 35 msec, Process = Dispatch Unit, PC = 84a619e, Call stack =

%ASA-4-711004: Task ran for 35 msec, Process = Dispatch Unit, PC = 84a619e, Call stack =   0x084A619E  0x084A6512  0x084A70E1  0x084A7987  0x084A7AAA  0x08558B9B  0x08558E8A  0x083D3518  0x083CA145  0x080659D1  0x089196D9  0x08919790  0x089FF711  0x08A27468

Here the sh crashinfo command on module 0, after last reboot:

hread Name: Dispatch Unit
Page fault: Address not mapped
    vector 0x0000000e
       edi 0x00000000
       esi 0x6d385d1c
       ebp 0x6c2d5a90
       esp 0x6c2d5a28
       ebx 0x6d37fe90
       edx 0x6d385d28
       ecx 0x6d385e28
       eax 0xfffffffc
error code 0x00000005
       eip 0x08cda948
        cs 0x00000073
    eflags 0x00013286
       CR2 0xfffffffc

Cisco Adaptive Security Appliance Software Version 8.3(1)

Compiled on Thu 04-Mar-10 16:56 by builders
Hardware:   ASA5520
Crashinfo collected on 11:43:50.787 CEST Mon Feb 28 2011

Any suggestion to find out the problem????

Thank you very much,

Matt

12 Replies 12

Jennifer Halim
Cisco Employee
Cisco Employee

My advise would be to open a TAC case so the complete crash dump can be decoded and analysed, and it probably will match a specific bug and software upgrade will be required. TAC should be able to advise you further on the crash.

Jerome Tissieres
Spotlight
Spotlight

Hello,

I have exactly the same problem with an ASA5520 under version 8.4(2) since yesderday;

Did the TAC solve this problem?

Thank you,

Best Rgds,

Jerome

Aaron Daniels
Level 1
Level 1

I hit this one today...

See: CSCtr33228

Thanks,

Aaron

Hello,

I've got exactly the same problem for few days with ASA5520 under version 8.2(1). Is there a known solution ?

Best Regards,

Yann SZKOLNIK

PS: my device wasn't in a failover scenario, and we didn't find a triggering event, but it seemed to be a randomic trouble.

m.scaranello
Level 1
Level 1

Hello everybody,

at that time we opened a TAC case, and Cisco directly changed our device. This trouble created a big problem in our organization, and nobody still knows why it suddenly happened.

We wasn't so happy to pay for get assistance for something that wasn't related to an our mistake and that happened on a very young device.

Fortunately, since we changed the hardware the problem didn't happen again...

Good luck,

Matteo

Hello Matteo,

Apparently upgrade to 8.4.5.2 could solve the problem. I will test this solution next week, i'll give you my feedback and tell you if after this upgrade the asa work fine.

Best Regards,

Yann SZKOLNIK

Hello Yann,

we have the same problem. Could you try to upgrade to 8.4.5.2?

Thanks

Best Regads

AVP

patoberli
VIP Alumni
VIP Alumni

We also seem to get this crash, since we updated to 8.2.5(22).

It seems to crash just after replicating the configuration. Only the Standby unit is crashing.

Might also be that the bug CSCtr33228 is also in 8.2.5(22) Previous version was 8.2.4(4) which did not crash.

Here a part of our dump:

sh crashinfo
: Saved_Crash

Thread Name: Dispatch Unit
Page fault: Address not mapped
    vector 0x0000000e
       edi 0x00000000
       esi 0x00000000
       ebp 0xc92d3290
       esp 0xc92d3058
       ebx 0xcdfa9a1c
       edx 0x00000000
       ecx 0xcdfa9a1c
       eax 0x00005884
error code 0x00000004
       eip 0x0876af80
        cs 0x00000073
    eflags 0x00013202
       CR2 0x000000b8

Cisco Adaptive Security Appliance Software Version 8.2(5)22

Hello,

We solved this problem one year ago. Firstable i disabled logs recording and the 5520 immediatly stopped to reboot.

Few weeks later, i upgraded to 8.3(1), i'm not sure it was the best idea i've had, cause syntax of some parts of configuration have changed with this new version. Fortunely all tests were made on a spare 5520 but i had to rewrite all the firewall rules.

Best Regards,

Yann SZKOLNIK

Hello,

Thanks for the quick reply.

We have disabled logs recording in the ASA, we send the logs to a Syslog Server.

We will analyze to upgrade the version.

Best Regards

AVP

Hello,

We used a syslog server too, but this problem stopped when i disabled all logging actions.

Best Regards,

Yann SZKOLNIK

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: