06-05-2017 04:55 AM - edited 03-10-2019 06:51 AM
Hi all,
I have two cisco asa 5545x-ips, actice-standby with latest signature updated but always the health shows APPLICATION FAILED.
I have always to restart the devices and after some time the health again shoes RED (application failed)
Anyone please help me to understand why the the sensor always go to application fail.
Overall Health Status Red
Health Status for Failed Applications Red
Health Status for Signature Updates Green
Health Status for License Key Expiration Green
Health Status for Running in Bypass Mode Green
Health Status for Interfaces Being Down Green
Health Status for the Inspection Load Green
Health Status for the Time Since Last Event Retrieval Green
Health Status for the Number of Missed Packets Green
Health Status for the Memory Usage Green
Health Status for Global Correlation Green
Health Status for Network Participation Green
Thanks
06-06-2017 01:36 AM
Anyone can help please.
Thanks
06-06-2017 03:01 AM
I'd recommend you contact TAC for this.
If you have curent signatures then you should still have an active support contract.
06-06-2017 06:08 AM
U don't have any idea why the sensor always goes to RED (application failed).
I logged a ticket on TAC but till now nothing.
please help...
06-06-2017 01:17 PM
There were some old bugs with Global Correlation that could cause this. However if you are running any current IPS version (which you must be to be current signatures), those don't apply.
TAC can look at some detailed system logs and hopefully find your root cause.
Meanwhile you should be planning to move to a new IPS technology. There's less than a year left in the classic Cisco IPS signature updates and the product is almost end of life.
06-07-2017 12:07 AM
Yes I am running the latest IPS version ( Cisco Intrusion Prevention System, Version 7.3(5)E4) and IME version 7.2.7.
You mean move to FIREPOWER? I upgrade my old ASA-5520 with SSM20-IPS card to ASA5545X with IPS feature without any problem.
From 2 months ago till now am still facing this problem even with the latest signature update.
06-07-2017 01:35 AM
Working with the TAC on your open case is best for your immediate problem.
All signature support for appliances and modules will end on April 26, 2018 as stated in the End-of-Sale and End-of-Life Announcement for the Cisco Intrusion Prevention System.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide