cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4251
Views
0
Helpful
3
Replies

High CPU Usage 2 Firepower (2110 and 2140)

elmargraf
Level 1
Level 1

Hi,

I have a really strange problem with a cisco Firepower 2110 and a Firepower 2140:

FP 2110 is just configured as classic ASA-VPN-Appliance

FP 2140 is just configured as classic ASA-Firewall-System (with about 15 Subnets, 1200 endpoints)

 

Die FP 2140 as Firewall works well with a load between 2- 5 %

When I connect the FP 2110 via Layer3 Interface with a small subnet (netmask 255.255.255.240) the CPU load grows up on both machines, even the ASA-VPN-Appliance isn't still produktivie!

When I connect the VPN-Appliance (2110) to my 6500 Core-Router (same netmask) everything is fine with the cpu-load.

Really magic, till now I didn't found anything at cisco or got a answer from cisco.

Is there anyone with the same problem?

 

regards

Elmar

3 Replies 3

nspasov
Cisco Employee
Cisco Employee

It is hard to say what could be causing your issue from the information that you provided here. It could be a routing loop, software defect, etc. Have you opened a support case with TAC?

Thank you for rating helpful posts!

Thank you for rating helpful posts!

Hi,

I was off work for a week.

I think it is not a routing loop, because it is really simple.

I also contacted the TAC, but they haven't delivered a solution for that problem (with the necessary information - show tech-support etc..)

 

Regards

Elmar

 

We had a 99% and spontaneous reboots issue, solved by TAC today. We removed the command to permit traffic flow between same security level interfaces:

   no same-security-traffic permit intra-interface

 

Our management1/1 and inside interfaces were both security level 100 and unnecessary traffic was flowing between them.

 

Additionally, we had found the day before that our queues were filling up with NETBIOS traffic, so we removed that inspection from the default policy-map.

 

Andy

 

Review Cisco Networking for a $25 gift card