cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
432
Views
1
Helpful
5
Replies

ASAv in Azure

tiwang
Level 3
Level 3

I have downloaded the Azure version of ASAv 9.18.4-29-smp-k8 from Cisco (and uploaded to Azure) and spinned it up with a management (managementonly) interface, an OUTSIDE and INSIDE interface and using this as a AnyConnect VPN Hub. 

But from time to time it suddenly tries to reboot and ends into a hang - anyone had similar experiences? It is solely used for AnyConnect and has a static inbound from the Azure firewall for port 443 which is the only inbound access

I am a bit out of ideas here right now.

5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

Check the resourcen and check any logs what causing the reboot. If this is external exposed check any DDoS attack ?

also possible upgrade to 9.18.4.34 and see that fix the issue.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

ccieexpert
Spotlight
Spotlight

What do you mean it tries to reboot ? what message do you see that it is trying to reboot ?

have you look at the console ? what messages are you seeing .

A reboot is general recovery mechanism for a crash (kind of like windows blue screen) where something catastrophic happens.

Any hang or reboot are very hard to troubleshoot for anybody else other than TAC as they have crash decoders and coredump analyzers.. All reboot/crashes/hang may look more or similar without detailed troubleshooting and crashinfor/coredump analysis by TAC..

If you have TAC support, open a case.

This link below may help.

https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/217663-troubleshoot-asa-or-ftd-unexpected-reloa.html

Other than, you could try to upgrade to the latest version/interim hoping that it was a known defect and that is fixed in latest version... But that comes with its own risks, so please read release notes etc and do that during a scheduled maint window and test all functionality to verify that it all works. ofcourse, you have other options of having another test instance in testing as well..

**Please rate as helpful if this was useful**

hi again - if we are able to connect to the serial console - not always - we can see in the output that init switches to runlevel 6 - and it ends into a hang

ccieexpert
Spotlight
Spotlight

It looks like its a crash.. the recovery from a something catastrpohic is a reboot. The reboot maybe resulting in a hang...

i would suggest upgrade to latest version and open a TAC case if you have support:

**Please rate as helpful if this was useful**

tiwang
Level 3
Level 3

for those of interest - it looks as when i disable console messages the problem disappears so it must be something related to sending console messages will block the vm if not emptied

 

Review Cisco Networking for a $25 gift card