07-22-2012 09:24 AM - edited 03-11-2019 04:33 PM
Dear All,
Last week both my FWSM restarted when we launched penetration testing carried towards the appliance.
Please find my pasted logs and crashinfo files attached.
I need to know the below queries.
1) How to make sure that, the FWSM restarted due to only reason being Pen-testing launch ( Provide me with the assurance from crashinfo files, with detail notes )
2) How to stop these attacks and protect my FWSM in the future.
Awaiting experts to clarify my points.
002012: Jul 16 18:02:27.295 UAE: %SNMP-5-MODULETRAP: Module 9 [Down] Trap
002013: Jul 16 18:02:27.167 UAE: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface GigabitEthernet9/5, changed state to down
002014: Jul 16 18:02:27.167 UAE: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface GigabitEthernet9/6, changed state to down
Jul 16 18:02:27.299 UAE: SP: The PC in slot 9 is shutting down. Please wait ...
002015: Jul 16 18:02:35.519 UAE: %SEC_LOGIN-5-QUIET_MODE_OFF: Quiet Mode is OFF, because block period timed out at 18:02:35 UAE Mon Jul 16 2012
Jul 16 18:02:42.301 UAE: SP: shutdown_pc_process:No response from module 9
002016: Jul 16 18:02:52.303 UAE: %C6KPWR-SP-4-DISABLED: power to module in slot 9 set off (Reset)
002012: Jul 16 18:02:27.295 UAE: %SNMP-5-MODULETRAP: Module 9 [Down] Trap
002013: Jul 16 18:02:27.167 UAE: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface GigabitEthernet9/5, changed state to down
002014: Jul 16 18:02:27.167 UAE: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface GigabitEthernet9/6, changed state to down
Jul 16 18:02:27.299 UAE: SP: The PC in slot 9 is shutting down. Please wait ...
002015: Jul 16 18:02:35.519 UAE: %SEC_LOGIN-5-QUIET_MODE_OFF: Quiet Mode is OFF, because block period timed out at 18:02:35 UAE Mon Jul 16 2012
Jul 16 18:02:42.301 UAE: SP: shutdown_pc_process:No response from module 9
002016: Jul 16 18:02:52.303 UAE: %C6KPWR-SP-4-DISABLED: power to module in slot 9 set off (Reset)
Regards / Vimal.
07-25-2012 06:58 PM
Hi Bro
The crash file that you've provided is corrupted but no worries. I faced similar issues as well and after upgrading my FWSM to the latested version at that time v4.7.1, the FWSM didn't crash anymore when a Pen Test is being done. I believe this was due to a software bug.
08-13-2012 10:54 PM
Hi Ramraj,
Thanks for your reply.
I need to provide a concrete info to my management, either presenting them with a software bug-id before going for an upgrade.
So it would be good if any experts come back with a clear bug information.
Many thanks.
Vimal.
08-14-2012 12:24 AM
Please open a TAC case for situations like this.
08-14-2012 12:29 AM
Hi,
your crash is caused by CSCtg68694. You need to upgrade, please note 3.1.7 is an extremely old version. Try to move to 4.1.x
cheers
Adam
08-14-2012 12:50 AM
Thanks a lot Adam. Appreciate.
Any stable version do you recommend in the 4.1.x train.
Regards / Vimal.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: