08-09-2010 03:32 PM - edited 03-11-2019 11:22 AM
Hi halijenn / kusankar / NT ,
I am having an issue in which customer is having ASA 5520 firewall pair (active , standby) , 8.0.3 Code running in mutiple context mode and having VPN Premium license.There are huge no. of context (approx 14) configured on the firewall , he says that as soon as the firewall was configured with one more logical interface and a nameif command was issued under the relevant context , the traffic stopped traversing across other contexts and he has to issue failover and susbequent reload of that firewall (on which issue happened ) to get back to normal . He doesnot have syslogs for that instance .Please let me know if this is a bug or if there is any probability that he might have gone wrong somewhere .
08-09-2010 06:17 PM
Are you sure it is running 8.3 code?
There were defects in the past: http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsy75345
How many sub-interfaces does he have configured presently? Traffic breaks after creating how many-th interface? Routed or Transparent?
If this is 8.3, I suggest you open a TAC case and work with an engineer as this sounds like a new defect.
-KS
08-09-2010 06:47 PM
Hi kusankar
thanks a lot for replying. This is an issue with 8.0(3) code and not 8.3 . This is a routed mode firewall . There are approx . 14 contexts and around 56 logical interfaces created .
25 vlans on Gig 0/2
30 vlans on Gig 1/0
1 vlan on Gig 1/2
He has already created logical interface , assigned vlan , then assigned it to the context , went to the specific context .Once he entered the command "interface Gig1/2.X and did a nameif and then he was not able to gain enable privilege in that particular context to revert those commands. He also tried to remove the allocation of the Interface from that context however no success .Hence he did a failover and then reboot the asa.
08-09-2010 07:40 PM
Oh sorry I read it as 8.3. So, yes this is a known issue. Pls. upgrade the code on the ASA to 8.0.5
-KS
08-09-2010 07:53 PM
hi kusankar
thanks a lot ! which bug i am running into out of above ? Is ASA 8.0.3 a known IOS affected by this bug ?
08-09-2010 08:00 PM
CSCsy75345 for sure. You may run into the other one as well. 8.0.5 has the fix for both the defects.
-KS
08-10-2010 03:04 AM
hi kusankar
thanks for the reply , In my case i do have multiple context and mac-address auto command ; however i donot have context with less than 8 subinterfaces .Also this bug was found for 8.0(4) and my version is 8.0(3) is this applicable for me ? Also this issue occurs for me when nameif command is entered in the logical interface ; however there is no mention of the same in the bug . Can you please elaborate as to what exactly happens in this bug
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: