07-08-2024 09:09 AM
Hello Everyone,
We have a strange issue: after 2 or 4 months, we are not able to reach the firewall, and all the servers/systems connected to the firewall are not reachable.
Then we have to hard reboot the firewall, and after the reboot it starts working fine.
Firewall Model and Version: ASA 5508
ASA Version: 9.9(2)
Can anyone please tell me what could be the issue?
Thanks in advance
07-08-2024 10:16 AM
You rebooted, so the ASA doesn't keep info about the issue, but if you have syslog messages we can briefly know what the issue was.
You and we cannot now know anything about the previous issue.
MHM
07-13-2024 11:46 PM
Hello Sir,
Can you please help me find the recent logs from before the forced reboot?
Thanks
07-15-2024 01:36 AM
Are you able to console into the firewall?
Syslog messages should be sent to your syslog server. If you do not have a syslog server, then use "show logging" from the CLI, but this is limited by how large a buffer you have configured.
As @Marvin Rhoads has mentioned, the first thing you should be doing is upgrading the ASA to a newer version as you might be hitting a bug.
If you are still having problems after upgrading, create a "show tech" file while the issue is happening (also create one when the issue is not present). I would then suggest opening a TAC case and providing the two show tech files. If opening a TAC case is not an option for you, remove any public IPs, usernames and passwords from the show tech files and then post them here and we can try to help you out.
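The redaction step suggested above (removing public IPs, usernames and passwords from a show tech file before posting it), as an added example that is not part of the original post or any Cisco tooling. The keyword patterns and the sample configuration are constructed for illustration and assume common ASA running-config line forms.

```python
import ipaddress
import re

# Ranges kept as-is: private, loopback and link-local space is not identifying.
KEEP_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Keyword followed by a secret or hash (assumed line forms, not an exhaustive list).
SECRET = re.compile(r"\b(password|passwd|pre-shared-key|community|key)[ \t]+\S+", re.I)
USER = re.compile(r"^([ \t]*username)[ \t]+\S+", re.I | re.M)

def sanitize(text):
    """Return text with usernames, secrets and public IPv4 addresses replaced."""
    seen = {}  # public address -> stable placeholder, so flows can still be correlated

    def mask_ip(m):
        addr = m.group(0)
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            return addr  # four dotted numbers that are not a valid address
        # Leave netmasks (255.x) and the default route / wildcard (0.x) readable.
        if addr.split(".")[0] in ("0", "255") or any(ip in n for n in KEEP_NETS):
            return addr
        return seen.setdefault(addr, f"<public-ip-{len(seen) + 1}>")

    text = USER.sub(r"\1 <user>", text)
    text = SECRET.sub(r"\1 <removed>", text)
    return IPV4.sub(mask_ip, text)

# Constructed sample input (documentation addresses, made-up secrets).
SAMPLE = """\
hostname edge-fw
enable password $sha512$5000$abc encrypted
username admin password $sha512$5000$def pbkdf2 privilege 15
interface GigabitEthernet1/1
 nameif outside
 ip address 203.0.113.10 255.255.255.0
interface GigabitEthernet1/2
 nameif inside
 ip address 192.168.10.1 255.255.255.0
route outside 0.0.0.0 0.0.0.0 203.0.113.1 1
snmp-server community s3cret
tunnel-group 203.0.113.77 ipsec-attributes
 ikev1 pre-shared-key Sup3rKey
"""

if __name__ == "__main__":
    print(sanitize(SAMPLE))
```

The script errs toward over-redaction (a four-part dotted version string would also be masked), and the output should still be read through by hand before posting, since a show tech file can carry identifying data in forms these patterns do not cover.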
07-15-2024 01:42 AM
Things you could try when the issue is happening are the following. Try each in turn and see if the issue is resolved after each command, that way we will know what is causing the issue.
Other things to check are whether a failover has occurred, and whether the switch is seeing the correct MAC address for the firewall. Also check ARP tables on your L3 devices and make sure that IP to MAC mappings are correct.
07-08-2024 10:27 AM - edited 07-08-2024 10:28 AM
You're running a very old image (~4 years) that is not even offered for download any more. It could be affected by many different bugs. I would start by upgrading to a more recent image. Something like 9.16.4-62 would be much better.
https://software.cisco.com/download/home/286285773/type/280775065/release/9.16.4%20Interim
07-13-2024 11:45 PM
Hello Marvin,
Thanks for your suggestion, I will check.