srue Thu, 08/02/2007 - 06:11
User Badges:
  • Blue, 1500 points or more

------------------ show startup-config errors ------------------


ERROR: Command requires failover license

^

ERROR: % Invalid input detected at '^' marker.

*** Output from config line 109, "ERROR: Command requires ..."


ERROR: Command requires failover license

^

ERROR: % Invalid input detected at '^' marker.

*** Output from config line 110, "ERROR: Command requires ..."


do you have failover commands on this pix? "sh run | includ failover"


is it part of a failover set?

paulehosting Thu, 08/02/2007 - 06:15
User Badges:

Thanks for the quick reply!


The unit is standalone, there is no failover devices, that error has been present since the unit was purchased and first configured.


Thanks,

Paul

MJPGallagher Fri, 08/03/2007 - 01:27
User Badges:

I have a very similar issue in that my 515 had been running without issue for ~2yrs uptime. Started with a reboot 2 weeks ago. Strange I thought & couldn't find a cause.


Since then it's been randomly re-booting (including when under no real load ie 1:30 am).


Fortunately (or so I thought) I have a spare running the same OS 7.0(1), so I transferred the config (No substantial config changes in the last 4 mths) to it and it too randomly reboots. I can attach a crash info if necessary.


The "spare" that is now live had been powered off for a year or more & kept in the comms room. All of which would strongly suggest an OS issue to me.


I don't have a current smartnet for the device so I cannot access the Support site to get any info on OS fixes etc. The way in which this has been changed is deplorable.


Anybody with anything further to add?

Regards,

Martin

mattiaseriksson Fri, 08/03/2007 - 02:13
User Badges:
  • Bronze, 100 points or more

There are many nasty bugs in early 7.0 releases that will cause the PIX to reboot.


Especially in 7.0(1) through 7.0(4).


Some of them are related to http or sip inspection. A workaround is to disable http and sip inspection. Even if that does not fix the problem, there are other serious problems in those versions as well.


You should contact the reseller or TAC to obtain fixed software.

MJPGallagher Fri, 08/03/2007 - 02:17
User Badges:

Thanks for your input.

I'm trying to get a newer image from the re-seller. As I don't have CCO access, I'm not certain what release should be the best fix, or if for example I can go directly from 7.01 to 7.2


Regards,

M

mattiaseriksson Fri, 08/03/2007 - 02:31
User Badges:
  • Bronze, 100 points or more

I don't think that you get an upgrade from 7.0 to 7.2 for free without a service contract.


What you should get is 7.0.7.GD.


That's the first PIX 7 software that is a GD version so maybe it's not so bad anyway.

MJPGallagher Fri, 08/03/2007 - 02:38
User Badges:

If 7.07GD is stable, that's all I require at this point. Anyway I don't know what "goodies" are in 7.02 in terms of enhanced functionality as I don't have CCO access :-(


That in itself doesn't make sense to me from a consumer point of view.


Many thanks for your info,

M

MJPGallagher Fri, 08/03/2007 - 04:40
User Badges:

Mattias,

I have upgraded to 7.07; will post back in a couple of days/weeks if this fixes the issue, or sooner if not ;-)

Many thanks,

M

paulehosting Fri, 08/03/2007 - 06:09
User Badges:

Guys,


Thanks for the replies - I didnt get the notifications by email of new posts! I am awaiting a SMARTnet contract on the firewall so we can upgrade IOS, I am hoping that will sort the issues.


MJPGallagher - Let us know how you get on, would be great to hear if you get the issue resolved :)


Thanks,

Paul

MJPGallagher Sun, 08/05/2007 - 23:21
User Badges:

Unfortunately 7.0.7GD hasn't fixed the issue (although it does give more crash info); PIX rebooted twice on the 3rd Aug, post-upgrade and 6 times on the 4th, No times yesterday & not yet today... Extremely frustrating.

mattiaseriksson Mon, 08/06/2007 - 01:37
User Badges:
  • Bronze, 100 points or more

Interesting, I have never seen a route_process crash before.


You are running RIP on at least one interface?


Is it always this process that crashes?


You could try to disable RIP if possible, to see if this is the cause.


I searched for bugs related to the route_process or RIP but I couldn't find anything. Perhaps it is time to open a TAC case.

MJPGallagher Mon, 08/06/2007 - 03:13
User Badges:

Yes, running rip passive v2 on inside & DMZ if's


Also it does *appear* to be route_process every time (only since upgrade to 7.0.7 do I get the PANIC statements) but yes the thread name is the same each time


regards,

M

mattiaseriksson Mon, 08/06/2007 - 03:21
User Badges:
  • Bronze, 100 points or more

I could not find any existing TAC case related to RIP, so this could be a new bug.


A workaround could be to disable RIP and use static routing only, or debug it to see exactly what RIP is doing when it crashes, and open a TAC case.

MJPGallagher Tue, 08/07/2007 - 06:59
User Badges:

I'll have to get a smartnet contract for this FW & see what I can find out with OS upgrades & TAC support. Thanks

Actions

This Discussion