cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2584
Views
5
Helpful
6
Replies

Failed Ports on ASA-IC-6GE-SFP-C for ASA 5545X

daniel.decost
Level 1
Level 1

Hello All;

I am deploying a redundant pair of ASA 5545X Firewalls and using the  ASA-IC-6GE-SFP-C fiber card to provide fiber optic interconnectivity to the firewals and for failover capabilities (The firewalls are located across the campus from eachother)

The cards are installed, and detected in a show version, but I'm having issues with getting interfaces to link. Taking the campus fiber out of the picture I've been bench testing the firewalls using a single pair of singe mode fiber, and two GLC-LX-SMD's. Testing port by port, I get link on some but not others. Raised a TAC and RMAd the hardware assuming bad cards. Received my Replacement cards today, but the situation is even worse. Three out of six of the ports are not giving link on both cards. And, they are the SAME ports in botth cards. I've wiped my config, rolled back the OS (from 9.1(2) to 8.6, and back again). Yes, all the ports are "no shut" and the fiber tests good because I get link on working ports, and also I get link between the friewalls and a switch on one of the working ports.

The odd thing is, if I test the ports while the firewalls are powering up, I get link across all ports no problem. Once the OS has loaded, I'm back to 50% failure.

I know this is very new hardware. We have used other models of the 5500X Series in other sites, but this is the first time with the 5545X and using the

ASA-IC-6GE-SFP-C.

Is there something I"m missing that's important about these cards? I'm going to have to either raise another TAC, or append my existing TAC to the current status.

Any help that anybody can give would be greatly appreciated.

6 Replies 6

juanclazcano
Level 1
Level 1

Hi Daniel,

Did you find out what was the cause of this?

I have exactly the same problem.

John

Hello all,

same problem for me. Any info if it is fixied with 9.1.4?

regards

Gregor

daniel.decost
Level 1
Level 1

Sorry for not updating this.

I had found, after several hours of trial and error, that the problem was with the off-brand (RE Non Cisco) SFP Modules that my vendor had sent (We did in fact order GLC-LH-SMD, but the sent us a compatible module by mistake). We do know this to be an issue with other devices, which is why we always order the genuine Cisco SFP modules to avoid this problem.

I discovered this when I tested the connections using some genuine GLC-LH-SM's I had brought with me from my. These worked in 100% of the ports. The odd thing that was throwing me off was that the non-genuine SFPs seemed only to be working in the odd-numbered ports.

It would appear that the Fiber module for the ASA5500-X is very sensitive to using off-brand SFPs,

I contacted my vendor and had them resolve the mis-shipped SPF modules. Everything has been solid since.

Moral of the story, don't go cheap!

I am facing same issue now . Even i am using cisco SFP . i have upgraded the version ( asa992-smp-k8.bin)  . but issue remain same.. 

The issue here is connectivity - i change that to 1G SFP on both side working . earlier it was 10G SR.

Even still inventory not shows serial number . 

 

So change the SFP to 1G on both side working..

We are also facing same issues with SFP ports down on ASA-IC-6GE-SFP-C for ASA 5555 running Active / Active configuration.   ASA version 9.6.4(3).

 

 

We are using Cisco GLC-LH-SMD Gigabit EThernet transceivers.

 

I understand there is a bug with command show interface transceivers as well as its not showing SFP inserted on cli not sure which version is fixed on but its not fixed in thus version.  

 

Can some confirm that when the tranceiver is inserted if I should be able to see a light from coming the SFP itself even without connecting fibres?   and if I dont see a light that means that there is definitely a module failure ?  Currently Gig 1/2 not coming up on both Active/ Active firewalls.  

 

 

 

 

Review Cisco Networking for a $25 gift card