cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1842
Views
0
Helpful
5
Replies

asa5505 crashing perhaps related to maximum connections per second

erntechie
Level 1
Level 1

I have an asa5505 with software version 7.2(3) that randomly stops responding.

The firewall sits in front of a public facing webserver that handles a significant amount of traffic.

I was wondering that would happen when the asa5505 reaches or exceeds the 4000 connections per second limit... i.e. would this possibly explain why my asa5505 stops responding and requires a power cycle in order to start working again.

when it "crashes" it does not respond on either the outside or inside interfaces.

5 Replies 5

Jennifer Halim
Cisco Employee
Cisco Employee

do you get any output from "show crash"? if you do, please post the output, it is probably a bug.

i get "no crash file found" when i run that command.

I have powered the device off and on repeatedly in the last week if that affects a crash file being present.

Kevin P Sheahan
Level 5
Level 5

When you say 'stops responding' what do you mean? Does it simply not respond to HTTPS for ASDM or are you trying telnet/ssh/console?

Kind Regards,

Kevin

**Please remember to rate helpful posts as well as mark the question as 'answered' once your issue is resolved. This will help others to find your solution faster.

Kind Regards, Kevin Sheahan, CCIE # 41349

when it stops responding, the webserver requests timeout which is how we first notice the problem, the ASDM from an internal host cannot be reached, and from an inside IP address I cant even ping the inside interface of the 5505.

only a power cycle brings it back online.

Investigation into this issue should be performed via the console connection. This may allow you access to debugs/switchport states/etc. that you will not otherwise get if the ASA is not accepting connections through the LAN. I understand that a quick power-cycle 'resolves' the issue but you're dooming yourself to face it again. Next time this happens I would recommend interrogating the device via console and posting back your results. From there, I'm sure we can help.

Kind Regards,

Kevin

**Please remember to rate helpful posts as well as mark the question as 'answered' once your issue is resolved. This will help others to find your solution faster.

Kind Regards, Kevin Sheahan, CCIE # 41349
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: