Solved: ASA 5585 HOT FIX FOR Bug: CSCvd78303 - ARP functions fail after 213 days of up time

adeelmir mir · ‎05-12-2017

Hello Every one,

We are facing problem caused by bug CSCvd78303 where ARP function will fail after 213 days , so all kind of traffic won't able to pass through firewall. There is no fix to this bug yet however if we reboot the firewall it will fix the problem for another 213 days.

I am planning to reboot my firewall which is HA pair and have virtual contents configured in it. May I please ask if someone could guide how to PLAN this reboot?

Thanks,

mir

Rahul Govindan · ‎05-12-2017

The releases that have the bug fix should already be out. The following versions and above should have the fix:

9.7(1.4)
9.6(3.1)
9.6(2.16)
9.5(3.8)
9.4(4.5)
9.2(4.20)
9.1(7.16)

Regrading reboot, you can use the Zero downtime upgrade procedure for Active/Active Failover devices:

http://www.cisco.com/c/en/us/td/docs/security/asa/migration/upgrade/upgrade.html#concept_7D37702EF9A54E718AFB4B5AB21B1B05

View solution in original post

Rahul Govindan · ‎05-12-2017

The releases that have the bug fix should already be out. The following versions and above should have the fix:

9.7(1.4)
9.6(3.1)
9.6(2.16)
9.5(3.8)
9.4(4.5)
9.2(4.20)
9.1(7.16)

Regrading reboot, you can use the Zero downtime upgrade procedure for Active/Active Failover devices:

http://www.cisco.com/c/en/us/td/docs/security/asa/migration/upgrade/upgrade.html#concept_7D37702EF9A54E718AFB4B5AB21B1B05

adeelmir mir · ‎05-12-2017

Thank you so much Rahul for a quick help. Much appreciated.