Cisco ASA bug CSCtg86810, Is there a resolution other than to Reload?

mahenkpatel · ‎05-29-2013

Hi,

Recently I came across a but in Cisco ASA (Version 8.2(1)), you can find the details of the bug from the below link.

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtg86810&Submit=Search

I just want to know if there is any resolution for this bug other than to Reload, as reloading and Telnet is not an option in current scenario and we are locked out of the firewall because of this bug.

Thanks

Jouni Forss · ‎05-29-2013

Hi,

I think we run into some similiar bug in that software level which made the SSH connections fail. I just cannot remember how it was corrected as I wasnt the person that it happened to.

Do you have a Failover pair of ASAs? Maybe changing the Active device might help there? Or if you have a failover environment can you access the standby device?

If you dont have Failover setup and dont have any other management connection to it I am personally not sure what can be done other than trying to troubleshoot the situation through console connection directly or reboot the device.

I personally have very rarely used the "show run all" command so its not suprising that I have not run into this myself.

- Jouni

mahenkpatel · ‎05-29-2013

Hi,

Thanks for the reply.

Yes the firewall is in Active/Standby Failover. But the ip addresses are assigned only to the failover link and the interfaces are not being tracked for failover so I think I wont be able to access the standby firewall directly.

I already took console and tried regenerating ssh rsa key pair and also tried to remove and add ssh configuration but nothing worked.

Thanks