CSA 5.2 DHCP

Unanswered Question
Oct 1st, 2007
User Badges:

I may be having a possible issue with CSA 5.2. I am hoping someone out there can lend a hand. All CSA agents are in test mode (supposedly nothing is blocked, but events can be logged).


Every now and then, a host with the CSA agent does not get a DHCP address. It just doesn't get one.


If I disable the CSA agent, the host does get a DHCP address.


There are times the host will get a DHCP address ...


I double cheked the switch, the host's port has portfast enabled.


Thank you for any thoughts,


Mike

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
tsteger1 Mon, 10/01/2007 - 16:06
User Badges:
  • Red, 2250 points or more

Any events either in the Windows event logs or the MC?


It will also log CSA events to C:\Program Files\Cisco\CSAgent\log\csalog.txt.


Tom

mherald Mon, 10/08/2007 - 20:32
User Badges:

Thank you for the reply. I do not think it was a CSA issue. I believe there was a combination of different software that started during boot up (CSA, Antivirus, Network connection Manager, etc). One of which made it a long time to make any network connection active, thus the client not getting a DHCP address.


I did upgrade to R255. I am not having any issue with desktops, just the laptops with a lot of software that loads during boot up ...


Mike

tsteger1 Tue, 10/09/2007 - 09:07
User Badges:
  • Red, 2250 points or more

I've had that problem with laptops as well, especially when they have both NICs active.


One of my attempts to solve the "too many things loading at startup" dilemma included disabling the NIC that wasn't needed.


It seemed to help.


The other thing I did was clean as many useless startup items as I could (reader_sl.exe, Qtask.exe, Jusched.exe, to name a few) and turn off all unneccesary services.


Every vendor seems to think theirs is the only software on the system and must start up immediately, thus competing with every other product that thinks so.


I think the company that perfects the startup control will gain an advantage.


Thanks for letting me vent...


Tom

akciscoman Thu, 10/04/2007 - 07:58
User Badges:

Hi Mike I also have this problem and cannot find any reference to this on the net can anyone help i'm currently going through the logs on stored locally on the PC but no help with events shown on MC if I find anything I'll post back...

akciscoman Fri, 10/05/2007 - 05:21
User Badges:

Hi Tom,


Many thanks for your reply... I have tried the suggested fix for this problem and at first I thought it worked but I?m still getting this problem.


I have disabled all network shield rules just in case but still no luck, even placed the host into learn mode and this didn't work, I thought it could be something else - windows related but this problem always disappears when the CSA service is turned off.


Could you think of anything that would cause the agent not to enforce the new policy I am generating the rules after any changes are made and I am also waiting the agent to pick up the new policy before testing but I'm not sure what else to do, is there possibly a rule I haven?t disabled.


Any suggestions would be greatly appreciated


Regards


Atilla

tsteger1 Fri, 10/05/2007 - 07:38
User Badges:
  • Red, 2250 points or more

Hi Atilla,


If you are running .203 you may want to test 225. The workaround may not always fix this bug.


Is your second question a different problem or related to the first one?


Tom

akciscoman Fri, 10/05/2007 - 07:55
User Badges:

Hi Tom,


Once again thanks for your reply...


I am running v.203, the second question is related to the first due to the difficulties I have been experiencing I thought that maybe I have been making mistakes or overlooked something while changing the host rules (for example not giving the hosts enough time to update the rules) but it seems I am making the changes and the host is receiving the updated policy, it?s just that it still has this problem.


When you think about it this means any changes made to rules may not have any effect on the hosts which seems to be a big problem with this version of CSA Cisco must be aware of this but this doesn't seem to be included in the fixes in v.225


Regards


Atilla


tsteger1 Fri, 10/05/2007 - 12:17
User Badges:
  • Red, 2250 points or more

I think the exact bug you describe is fixed in 225. I guess the only way you'll know for sure is to test it.

There were two hotfixes since 203 and they fixed a number of bugs.


More here:


http://ftp-sj.cisco.com/cisco/crypto/3DES/cw2000/csa/hotfixes/CSA_5.2.0.225_readme.txt


I see problems sometimes with hosts updating rules within 30 seconds at startup which seems to be the time allowed by the agent.

I haven't seen any with 225.


You might look for those events in the application event logs.


Tom

akciscoman Tue, 10/16/2007 - 08:26
User Badges:

Hi Tom,


After some testing it seems the update to v.255 worked, thanks for your help!


Regards,


Atilla

tsteger1 Tue, 10/16/2007 - 12:19
User Badges:
  • Red, 2250 points or more

Hi Atilla, you are quite welcome. I'm glad it worked.


Tom

1cmerchant Tue, 11/13/2007 - 13:44
User Badges:

Just wanted to point out that my organization experienced the same problem recently. We upgraded from CSA v4.5 to CSA v5.2 r203 and about 20% of the user PC's had problems obtaining a DHCP address at boot. Upgrading CSA to v5.2 r238 appears to have resolved the issue, although there was a lot of maintenance and clean up work to be done, as this is essentially treated a 'new' installation of the MC server, etc.

Actions

This Discussion