Hi Kerry, You have not missed any commands. You will not be able to see the software version if the module is not intialized and booted up completely, neither will you be able to load software. Reseat the module and we will see how it goes. Regards, Sooraj
... View more
Hi Kerry, The module is in the Unresponsive state. Try to reset the module using command 'hw-module module 1 reset'. If the module is still unresponsive, reseat the module. Please note, this module is not hot swappable, hence you will have to power down the ASA to reseat it. If inspite of reseating, the module is unresponsive, you either have a faulty SSM module or a faulty ASA. If you have another SSM module, try to install it on this ASA, if that module comes Up, then you have a faulty SSM module, if the other module still does not come up, you have a faulty ASA. Let me know how it goes. P.S.: Please mark this thread as answered if you feel your query is resolved. Do rate helpful posts. Regards, Sooraj
... View more
Hi Guido, Does this log file grow extremely quickly? (For example 1 GB a day). There is a Bug open for this issue: CSCuf08115 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCuf08115 The CsmReprtServer.log logs all the events on the CSM. So if this is not of much importance to you, you can go ahead and delete it. Regards, Sooraj
... View more
Hi, How are you checking the memory of the IPS? Please attach a copy of the show tech of your IPS. - Sooraj Sent from Cisco Technical Support Android App
... View more
Hi Aah, Installing the Any connect license will not override the existing Security plus license. You can go ahead and install it without any fear. Sent from Cisco Technical Support Android App
... View more
Hello , Interface overruns, no buffer and underruns often show that the firewall cannot process all the traffic it is receiving on its NIC. Overruns and no buffers indicate that input traffic is too much on a given interface. The interface maintains a receive ring where packets are stored before they are processed by the ASA. If the NIC is receiving traffic faster than the ASA can pull them off the receive ring, the packet will be dropped and either the no buffer or overrun counter will increment. You may find this useful: https://supportforums.cisco.com/docs/DOC-12439 Regards, Sooraj
... View more
Hello, As Jean pointed out, this is a bug. The Bug ID:CSCtq26388 You can find the Bug details here: http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtq26388 PS: Bug not fixed. To receive updates on the Bug Fix, attach your email address to the Bug Regards, Sooraj
... View more
Hello, Each of these features (especially the Top 10 Services) uses a good bit of RAM. If you are running a 5510 or smaller, that can cause you to run out of RAM. To enable using the ASDM: Configuration > Firewall > Threat Detection > Scanning Threat Statistics Host = Top 10 Sources / Destination Access Rules = Top 10 Access Rules Port / Protocol = Top 10 Services Regards, Sooraj P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.
... View more
Hello, If you disable failover on an Active/Standby pair, it causes the active and standby state of each unit to be maintained until you restart. Please reboot the ASA and then try to configure. Regards, Sooraj P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.
... View more
Hello, Could be a little more clear on your question please. You can refer to the below mentioned document to configure NAT on IOS http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml Regards, Sooraj P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.
... View more
As mentioned earlier, this is a design issue and there is not much i can comment about. You may want to think about upgrading the FWSM version, as you will have a whole lot of new features in addition to the event viewer being supported on CSM 4.1
... View more
Hello, I really dont have much idea about what the reason could be, but this is a design issue and cant comment much on this. What i feel is, it could be compatiblity issue. Regards, Sooraj
... View more
Hello, Here is a list of all the supported OID's supported by the ASA: ftp://ftp-sj.cisco.com/pub/mibs/supportlists/asa/asa-supportlist.html You can use the MIB "ciscoIpSecFlowMonitorMIB" (OID-1.3.6.1.4.1.9.9.171) for monitoring VPN This is a MIB Module for monitoring the structures in IPSec-based Virtual Private Networks. You can find more details about this in the below mentioned link: http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInput=1.3.6.1.4.1.9.9.171 I hope this helps. Regards, Sooraj P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.
... View more
Hello, If you are mentioning about the ASA 5500 Series, yes the CSM 4.1 supports for the latest ASA firewall and VPN features (ASA v8.4), P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts. Regards, Sooraj
... View more
Hello Pete, I'm afraid you will not be able to recover the password without going to the ROMmon mode, for which you will have to power cycle the device which in turn will cause a network outage. You will have to arrange for a maintainace window and recover the password. Below i have mentioned the link which gives you step by step procedure for password recovery: http://www.cisco.com/en/US/products/hw/switches/ps663/products_password_recovery09186a00800945f7.shtml P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts. Regards, Sooraj
... View more