cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1203
Views
0
Helpful
17
Replies

PIX515E Crashing

paulehosting
Level 1
Level 1

Hi,

We have a PIX515E which appears to crash every so often, I have attached the "show crashinfo" output, has anybody seen this before or able to advise in any way?

Many thanks,

Paul

17 Replies 17

srue
Level 7
Level 7

------------------ show startup-config errors ------------------

ERROR: Command requires failover license

^

ERROR: % Invalid input detected at '^' marker.

*** Output from config line 109, "ERROR: Command requires ..."

ERROR: Command requires failover license

^

ERROR: % Invalid input detected at '^' marker.

*** Output from config line 110, "ERROR: Command requires ..."

do you have failover commands on this pix? "sh run | includ failover"

is it part of a failover set?

Thanks for the quick reply!

The unit is standalone, there is no failover devices, that error has been present since the unit was purchased and first configured.

Thanks,

Paul

I have a very similar issue in that my 515 had been running without issue for ~2yrs uptime. Started with a reboot 2 weeks ago. Strange I thought & couldn't find a cause.

Since then it's been randomly re-booting (including when under no real load ie 1:30 am).

Fortunately (or so I thought) I have a spare running the same OS 7.0(1), so I transferred the config (No substantial config changes in the last 4 mths) to it and it too randomly reboots. I can attach a crash info if necessary.

The "spare" that is now live had been powered off for a year or more & kept in the comms room. All of which would strongly suggest an OS issue to me.

I don't have a current smartnet for the device so I cannot access the Support site to get any info on OS fixes etc. The way in which this has been changed is deplorable.

Anybody with anything further to add?

Regards,

Martin

There are many nasty bugs in early 7.0 releases that will cause the PIX to reboot.

Especially in 7.0(1) through 7.0(4).

Some of them are related to http or sip inspection. A workaround is to disable http and sip inspection. Even if that does not fix the problem, there are other serious problems in those versions as well.

You should contact the reseller or TAC to obtain fixed software.

Thanks for your input.

I'm trying to get a newer image from the re-seller. As I don't have CCO access, I'm not certain what release should be the best fix, or if for example I can go directly from 7.01 to 7.2

Regards,

M

I don't think that you get an upgrade from 7.0 to 7.2 for free without a service contract.

What you should get is 7.0.7.GD.

That's the first PIX 7 software that is a GD version so maybe it's not so bad anyway.

If 7.07GD is stable, that's all I require at this point. Anyway I don't know what "goodies" are in 7.02 in terms of enhanced functionality as I don't have CCO access :-(

That in itself doesn't make sense to me from a consumer point of view.

Many thanks for your info,

M

There are in fact many enhancements and new features in 7.2. Without a CCO account you can still check the release notes for new features: http://www.cisco.com/en/US/docs/security/pix/pix72/release/notes/pixrn72.html

If you don't need the new features, 7.0.7 is the most stable software you can get.

Mattias,

I have upgraded to 7.07; will post back in a couple of days/weeks if this fixes the issue, or sooner if not ;-)

Many thanks,

M

Guys,

Thanks for the replies - I didnt get the notifications by email of new posts! I am awaiting a SMARTnet contract on the firewall so we can upgrade IOS, I am hoping that will sort the issues.

MJPGallagher - Let us know how you get on, would be great to hear if you get the issue resolved :)

Thanks,

Paul

Unfortunately 7.0.7GD hasn't fixed the issue (although it does give more crash info); PIX rebooted twice on the 3rd Aug, post-upgrade and 6 times on the 4th, No times yesterday & not yet today... Extremely frustrating.

Can you attach the crash info?

Crash log attached...

Interesting, I have never seen a route_process crash before.

You are running RIP on at least one interface?

Is it always this process that crashes?

You could try to disable RIP if possible, to see if this is the cause.

I searched for bugs related to the route_process or RIP but I couldn't find anything. Perhaps it is time to open a TAC case.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: