Solved

Cisco ASA 5505 restarting itself

Posted on 2010-08-31
13
1,949 Views
Last Modified: 2012-05-10
I have a CIsco ASA 5505 installed at a client and they claim it is resetting/restarting itself all on it's own accord. They say this occurs with a growing frequency. I'd like to log events to see what causes the failures, but I don't know how without the ASDM and I cannot find this.

Is it possible the log is full and causing this? If so, how would I clear it?

Is it possible the 10 user VPN license is maxing out with too many users now and causing this?

Any help would be appreciated.
0
Comment
Question by:garyoh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 3
  • +2
13 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 33573910
HI,

How many is the temperature in the environment?
0
 

Author Comment

by:garyoh
ID: 33573925
Good question. I'll find out. I know it is down south where it has been very hot lately. But the offices are air conditioned. Have you seen this be a problem?
0
 
LVL 7

Expert Comment

by:lewisg
ID: 33573975
First thing to check is the power connectors. Be sure everything is plugged in tight and hopefully the unit is on the same UPS as other equipment they would miss if the power went off.

Put a hand on the power brick and check it's temperature, sometimes they overheat and fail. Listen to the power unit. It is a switching type power supply and they can get flakey.

ASDM is available by going to the IP address of the 5505 using a web browser. I fairly sure you need to use https like this:

 https://192.168.1.1  (or whatever the IP of the 5505 is).

Once you are logged in check the log and see if there are errors or just a bunch of restarts.

I doubt it is logging or VPN usage that is causing this problem. Likely a power or temperature problem.

0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 3

Expert Comment

by:sudeep_mib
ID: 33574568
No device reload cann't happen due to log buffer full or maximum vpn user session . Mostly problem is electricity first check the electricity port .Then check whether temperature is normal .

Did you getting crashinfo log in ASA flash ?

0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 33574860
Yes I seen the 5505 working to 40 Celsius good, and after reset itself...

If you want more IPSEC sessions you need security plus license
0
 
LVL 2

Expert Comment

by:astergiou
ID: 33575415
The most common problem of an ASA restarting is memory

Did you updated ASA's memory with non cisco memory?
Try changing its memory
0
 

Author Comment

by:garyoh
ID: 33577502
sudeep, I can l ogin to the ASDM without problem. Sometimes the unit just seems to go off and then on. I am not in that location but can tell when the unit recycles as my Remote Desktop Session just closes.  I am checking the environment with a local person.

astergiou: I didn't upgrade the memory. Do you suppose it needs addtional memory? How would I know?

sudeep: I am not sure where to extract the log to a file so I can review offline. Where would I find that? Sorry, but I've never had to do this.
0
 
LVL 7

Expert Comment

by:lewisg
ID: 33577625
"but can tell when the unit recycles as my Remote Desktop Session just closes"

I would think that is completely normal since you are most likely connected to the RDP server via the 5505.

Rule out power problems first. This is a universal rule of troubleshooting any electrical device, especially ones that go on and off.
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 33577676
how many is the free memory, and plese provide us 'sh ver'
0
 

Author Comment

by:garyoh
ID: 33581042
Show ver
Result of the command: "show ver"

Cisco Adaptive Security Appliance Software Version 7.2(4)
Device Manager Version 5.2(4)

Compiled on Sun 06-Apr-08 13:39 by builders
System image file is "disk0:/asa724-k8.bin"
Config file at boot was "startup-config"

AS5505A up 1 hour 22 mins

Hardware:   ASA5505, 256 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
                             Boot microcode   : CNlite-MC-Boot-Cisco-1.2
                             SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03
                             IPSec microcode  : CNlite-MC-IPSECm-MAIN-2.05
 0: Int: Internal-Data0/0    : address is 0021.a0ca.5595, irq 11
 1: Ext: Ethernet0/0         : address is 0021.a0ca.558d, irq 255
 2: Ext: Ethernet0/1         : address is 0021.a0ca.558e, irq 255
 3: Ext: Ethernet0/2         : address is 0021.a0ca.558f, irq 255
 4: Ext: Ethernet0/3         : address is 0021.a0ca.5590, irq 255
 5: Ext: Ethernet0/4         : address is 0021.a0ca.5591, irq 255
 6: Ext: Ethernet0/5         : address is 0021.a0ca.5592, irq 255
 7: Ext: Ethernet0/6         : address is 0021.a0ca.5593, irq 255
 8: Ext: Ethernet0/7         : address is 0021.a0ca.5594, irq 255
 9: Int: Internal-Data0/1    : address is 0000.0003.0002, irq 255
10: Int: Not used            : irq 255
11: Int: Not used            : irq 255

Licensed features for this platform:
Maximum Physical Interfaces : 8        
VLANs                       : 3, DMZ Restricted
Inside Hosts                : 10     <--this puzzles me. I thought this was unlimited inside.      
Failover                    : Disabled
VPN-DES                     : Enabled  
VPN-3DES-AES                : Enabled  
VPN Peers                   : 10        
WebVPN Peers                : 2        
Dual ISPs                   : Disabled  
VLAN Trunk Ports            : 0        

This platform has a Base license.

Configuration has not been modified since last system restart.
0
 

Author Comment

by:garyoh
ID: 33581053
show mem:
Result of the command: "show mem"

Free memory:       193286776 bytes (72%)
Used memory:        75148680 bytes (28%)
-------------     ----------------
Total memory:      268435456 bytes (100%)



Result of the command: "show mem"

Free memory:       193286936 bytes (72%)
Used memory:        75148520 bytes (28%)
-------------     ----------------
Total memory:      268435456 bytes (100%)
0
 

Accepted Solution

by:
garyoh earned 0 total points
ID: 33583336
looks like the users license issue was the problem after all. Not the vpn licenses, but the IP addresses for this machine are the problem. Itt's fixed now.
0
 
LVL 7

Expert Comment

by:lewisg
ID: 33583691
So let me get this straight. If more than 10 internal users attempt to use this router it shuts down and restarts?

Several people have been trying to get me to drop my long standing objection to Cisco products as overpriced POS by citing the value and ease of use of the ASA 5505. I have been working with one of these units and user count is not something that stood out. My only issue was the lack of a standards based web interface. Routers should only limit internal hosts based on IP address rules, not some "marketing feature".

If this device ceases to function when an arbitrary number is crossed it sets a NEW low for the people that took a 4 click firmware upgrade to over 30 clicks.

WOW!
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses
Course of the Month4 days, 1 hour left to enroll

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question