FWSM interfaces down

thegrave2000
Level 1

Hello,

I have a problem with FWSM running version 3.2(5) on Catalyst 6506 with 12.2SXH(33)a. All the interfaces of the FWSM are in down/down state without any explicable reason. The output is in the attachment - FWSM2 is the problematic one, FWSM1 is working fine. Uptime is 16 days on both modules.

Both switches have this configuration:

firewall multiple-vlan-interfaces

firewall module 1 vlan-group 2,

firewall vlan-group 2 77-80,749,750

I have one more 6506 with FWSM both running the same versions - the module works just fine. The trunks between the two switches are up, the VLANs are in STP Forwarding State (I'm running MST btw), everything looks just fine. The more interesting thing is that I'm 99% sure this problem is reoccurring in time - it appears for a while then it disappears without any logical reason. I searched through the bug toolkit as the FWSM version is quite old but I couldn't find a bug matching this description. Anyone had a similar problem? I plan to do an upgrade tomorrow if I don't find another solution.

Kind Regards,

Stefan

4 Replies

Hello:

It's strange that you can access the FWSM, because the SXH IOS is not valid for FWSM support; you need the SXI IOS.

Go to this link:

http://tools.cisco.com/ITDIT/CFN/Dispatch?act=rlsSelect&task=search&searchby=image

Select the image you have and you'll see that IOS doesn't support FWSM.

Regards

I think you are referring to this feature:

VSS - Firewall Service Module (FWSM) support

This is for 6500 VSS systems and that's not my case. I have a 6509 with Sup10G and FWSM and believe me - it works.

Anyway, the problem disappeared after a restart. I realized that the FWSM was like that since that switch had a major crash 17 days ago as this was the uptime of the module and a single packet wasn't transmitted. If the problem appears again though I'll upgrade the software. Any observations on 4.x track? Is it stable, does it cause any issues with regular L2/L3 protocols?

The latest 4.0 code is pretty solid and also gives you more room for ACL entries due to code optimizations.

Thanks for the information! Do you have any idea if it's necessary to upgrade the license I have for 3.2 to go to 4.x?
