cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

493
Views
0
Helpful
4
Replies
Highlighted
Beginner

Memory Utilization on 5510

Hi Folks,

Just want to check with you about memory utilization on the Asa 5510 ..

Free memory: 19%

Used Memory: 81%

Is this normal? Because we hade a problem this morning and the memory was at 100%..

Device Manager version 6.1(5) 57

Hardware:   ASA5510-K8, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz

Internal ATA Compact Flash, 256MB

BIOS Flash M50FW080 @ 0xffe00000, 1024KB

Any tips and tricks?

4 REPLIES 4
Highlighted

Hello Shane,

Open a TAC case as soon as you can so we can take the required outputs to decode what is going on, This is definetely not expected (  Because we hade a problem this morning and the memory was at 100%)

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Highlighted

Well i don't think its a huge problem, I think it was a spanning tree issue on the switches..

But for now the mem utilization is at 81%..

/Shane    

Highlighted

Hello Shane,

Okay, good to know that,

Here are some facts about memory problems:

High Memory Utilization

Here are some possible causes and resolutions for high memory utilization:

  • Event logging: Event logging can consume large amounts of memory. In order to resolve this issue, install and log all events to an external server, such as a syslog server.
  • Memory Leakage: A known issue in the security appliance software can lead to high memory consumption. In order to resolve this issue, upgrade the security appliance software.
  • Debugging Enabled: Debugging can consume large amounts of memory. In order to resolve this issue, disable debugging with the undebug all command.
  • Blocking Ports: Blocking ports on the outside interface of a security appliance cause the security appliance to consume high amounts of memory to block the packets through the specified ports.In order to resolve this issue, block the offending traffic at the ISP end.
  • Threat-Detection: The threat detection feature consists of different levels of statistics gathering for various threats, as well as scanning threat detection, which determines when a host is performing a scan. Turn off this feature to consume less memory.

Regards,

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Highlighted

Hey

Thanks for the info,

I have one more question, now the ASA is working fine, but one thing is a little off, the dmz interface is not working the way it suppose to. Clients are not reaching the servers on the DMZ interface Maybe it has something to do with that we hade a failover firewall that was On before..But probably not..

Also Syslog Messages in the ASDM, i see a bunch of

DENY ICMP revers path check from x.x.xx to x.x.x.x on interface dmz

DENY ICMP revers path check from x.x.xx to x.x.x.x on interface outside

Thanks again

Shane

Content for Community-Ad