Go Premium for a chance to win a PS4. Enter to Win


Cisco ASA 5505 restarting itself

Posted on 2010-08-31
Medium Priority
Last Modified: 2012-05-10
I have a CIsco ASA 5505 installed at a client and they claim it is resetting/restarting itself all on it's own accord. They say this occurs with a growing frequency. I'd like to log events to see what causes the failures, but I don't know how without the ASDM and I cannot find this.

Is it possible the log is full and causing this? If so, how would I clear it?

Is it possible the 10 user VPN license is maxing out with too many users now and causing this?

Any help would be appreciated.
Question by:garyoh
  • 5
  • 3
  • 3
  • +2
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 33573910

How many is the temperature in the environment?

Author Comment

ID: 33573925
Good question. I'll find out. I know it is down south where it has been very hot lately. But the offices are air conditioned. Have you seen this be a problem?

Expert Comment

ID: 33573975
First thing to check is the power connectors. Be sure everything is plugged in tight and hopefully the unit is on the same UPS as other equipment they would miss if the power went off.

Put a hand on the power brick and check it's temperature, sometimes they overheat and fail. Listen to the power unit. It is a switching type power supply and they can get flakey.

ASDM is available by going to the IP address of the 5505 using a web browser. I fairly sure you need to use https like this:  (or whatever the IP of the 5505 is).

Once you are logged in check the log and see if there are errors or just a bunch of restarts.

I doubt it is logging or VPN usage that is causing this problem. Likely a power or temperature problem.


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.


Expert Comment

ID: 33574568
No device reload cann't happen due to log buffer full or maximum vpn user session . Mostly problem is electricity first check the electricity port .Then check whether temperature is normal .

Did you getting crashinfo log in ASA flash ?

LVL 34

Expert Comment

by:Istvan Kalmar
ID: 33574860
Yes I seen the 5505 working to 40 Celsius good, and after reset itself...

If you want more IPSEC sessions you need security plus license

Expert Comment

ID: 33575415
The most common problem of an ASA restarting is memory

Did you updated ASA's memory with non cisco memory?
Try changing its memory

Author Comment

ID: 33577502
sudeep, I can l ogin to the ASDM without problem. Sometimes the unit just seems to go off and then on. I am not in that location but can tell when the unit recycles as my Remote Desktop Session just closes.  I am checking the environment with a local person.

astergiou: I didn't upgrade the memory. Do you suppose it needs addtional memory? How would I know?

sudeep: I am not sure where to extract the log to a file so I can review offline. Where would I find that? Sorry, but I've never had to do this.

Expert Comment

ID: 33577625
"but can tell when the unit recycles as my Remote Desktop Session just closes"

I would think that is completely normal since you are most likely connected to the RDP server via the 5505.

Rule out power problems first. This is a universal rule of troubleshooting any electrical device, especially ones that go on and off.
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 33577676
how many is the free memory, and plese provide us 'sh ver'

Author Comment

ID: 33581042
Show ver
Result of the command: "show ver"

Cisco Adaptive Security Appliance Software Version 7.2(4)
Device Manager Version 5.2(4)

Compiled on Sun 06-Apr-08 13:39 by builders
System image file is "disk0:/asa724-k8.bin"
Config file at boot was "startup-config"

AS5505A up 1 hour 22 mins

Hardware:   ASA5505, 256 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
                             Boot microcode   : CNlite-MC-Boot-Cisco-1.2
                             SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03
                             IPSec microcode  : CNlite-MC-IPSECm-MAIN-2.05
 0: Int: Internal-Data0/0    : address is 0021.a0ca.5595, irq 11
 1: Ext: Ethernet0/0         : address is 0021.a0ca.558d, irq 255
 2: Ext: Ethernet0/1         : address is 0021.a0ca.558e, irq 255
 3: Ext: Ethernet0/2         : address is 0021.a0ca.558f, irq 255
 4: Ext: Ethernet0/3         : address is 0021.a0ca.5590, irq 255
 5: Ext: Ethernet0/4         : address is 0021.a0ca.5591, irq 255
 6: Ext: Ethernet0/5         : address is 0021.a0ca.5592, irq 255
 7: Ext: Ethernet0/6         : address is 0021.a0ca.5593, irq 255
 8: Ext: Ethernet0/7         : address is 0021.a0ca.5594, irq 255
 9: Int: Internal-Data0/1    : address is 0000.0003.0002, irq 255
10: Int: Not used            : irq 255
11: Int: Not used            : irq 255

Licensed features for this platform:
Maximum Physical Interfaces : 8        
VLANs                       : 3, DMZ Restricted
Inside Hosts                : 10     <--this puzzles me. I thought this was unlimited inside.      
Failover                    : Disabled
VPN-DES                     : Enabled  
VPN-3DES-AES                : Enabled  
VPN Peers                   : 10        
WebVPN Peers                : 2        
Dual ISPs                   : Disabled  
VLAN Trunk Ports            : 0        

This platform has a Base license.

Configuration has not been modified since last system restart.

Author Comment

ID: 33581053
show mem:
Result of the command: "show mem"

Free memory:       193286776 bytes (72%)
Used memory:        75148680 bytes (28%)
-------------     ----------------
Total memory:      268435456 bytes (100%)

Result of the command: "show mem"

Free memory:       193286936 bytes (72%)
Used memory:        75148520 bytes (28%)
-------------     ----------------
Total memory:      268435456 bytes (100%)

Accepted Solution

garyoh earned 0 total points
ID: 33583336
looks like the users license issue was the problem after all. Not the vpn licenses, but the IP addresses for this machine are the problem. Itt's fixed now.

Expert Comment

ID: 33583691
So let me get this straight. If more than 10 internal users attempt to use this router it shuts down and restarts?

Several people have been trying to get me to drop my long standing objection to Cisco products as overpriced POS by citing the value and ease of use of the ASA 5505. I have been working with one of these units and user count is not something that stood out. My only issue was the lack of a standards based web interface. Routers should only limit internal hosts based on IP address rules, not some "marketing feature".

If this device ceases to function when an arbitrary number is crossed it sets a NEW low for the people that took a 4 click firmware upgrade to over 30 clicks.


Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
As managed cloud service providers, we often get asked to intervene when cloud deployments go awry. Attracted by apparent ease-of-use, flexibility and low computing costs, companies quickly adopt leading public cloud platforms such as Amazon Web Ser…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question