Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
440
Views
2
Helpful
6
Replies

Cisco ASA Firewall Issue 5508

Hamidsattarrana
Level 1
Level 1

‎07-08-2024 09:09 AM

Hello Everyone,

We have a strange issue after 2 or 4 months, we are not able to reach the firewall and all the servers/systems connected with the firewall are not reachable.

Then we have to hard reboot the firewall and after reboot it start working fine.

Firewall Model and Version: ASA 5508

ASA Version: 9.9(2)

Can anyone please tell me what could be the issue?

Thanks in advance

6 Replies 6

MHM Cisco World
VIP
VIP

‎07-08-2024 10:16 AM

You reboot so the asa dont keep info about issue byt if ypu have syslog message we can briefly know what issue was.

You and use can not know now anything of previous issue

MHM

0 Helpful

Hamidsattarrana
Level 1
Level 1
In response to MHM Cisco World

‎07-13-2024 11:46 PM

Hello Sir,

Can you please help me find the recent logs before doing force reboot? 

Thanks

0 Helpful

Marius Gunnerud
VIP
VIP
In response to Hamidsattarrana

‎07-15-2024 01:36 AM

Are you able to console into the firewall?

Syslog messages should be sent to your syslog server.  If you do not have a syslog server then "show logging" from the CLI but this is limited to how large buffer you have configured.

As @Marvin Rhoads has mentioned, the first thing you should be doing is upgrading the ASA to a newer version as you might be hitting a bug.

If you are still having problems after upgrading, create a "show tech" file while the issue is happening (also create one when the issue is not present).  I would then suggest opening a TAC case and provide the two show tech files.  If opening a TAC case is not an option for you, remove any public IPs, usernames and passwords from the show tech files and then post them here and we can try to help you out.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Marius Gunnerud
VIP
VIP
In response to Hamidsattarrana

‎07-15-2024 01:42 AM

Things you could try when the issue is happening are the following. Try each in turn and see if the issue is resolved after each command, that way we will know what is causing the issue.

  • clear conn
  • clear xlate

Other things to check is if a failover has occured, and if the switch is seeing the correct MAC address for the Firewall.  Also check ARP tables on your L3 devices and make sure that IP to MAC mappings are correct.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-08-2024 10:27 AM - edited ‎07-08-2024 10:28 AM

You're running a very old image (~4 years) that is not even offered for download any more. It could be affected by many different bugs. I would start by upgrading to a more recent image. Something like 9.16.4-62 would be much better.

https://software.cisco.com/download/home/286285773/type/280775065/release/9.16.4%20Interim

Hamidsattarrana
Level 1
Level 1
In response to Marvin Rhoads

‎07-13-2024 11:45 PM

Hello Marvin,

Thanks for your suggestion, I will check.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card