Our Cisco ASA5510 firewall has just started to receive these "memory allocation errors". The first time this happened, it occurred after the firewall had been up for 294days without issue. To fix this the first time, I reloaded ASA. It's happened again this morning but, I've taken a 'sho tech' before it reloaded.
We did enable the WebVPN part more than a year ago. It's not being used but, still enabled. The memory usage averages approx 184MB.
As the memory allocation error has happened twice now, if it happens a third time I'm going to disable the WebVPN part. As this link refers to newer code that fixes an issue with memory allocation errors related to WebVPN.
Apologies, I should have put further information in this. When this weird issue occurs, users are complaining that they're unable to access sites with https or any site that you login to like 'my ebay' and our payroll site which is https. All other sites on port 80 or obscure non standard http ports work without issue only https. Then I noticed that the ASA had the memory allocation error, cycled the power, it went away for nearly 3 days and came back again. It's now been 1 day since I reloaded the ASA and so far it's OK. but, I know it's going to happen again.
All I have is the screenshot attached of the memory allocation error in the ASDM.
The below is the ASA after running 1 day since reload,
The free memory displayed approx 27% when the 'memory allocation' error occurred and it's approximately that now. I'll have to monitor it and post results.
Well, as I mentioned there is nothing we can tell just from this output. We would have to get the same output on a regular basis, and check the differences. Even then it will probably not tell us enough to really pinpoint the culprit.
"show blocks" might help, also taken at regular intervals to check for a decreasing trend.
But still my suggestion would be to upgrade and/or open a TAC case if you can. If you don't want to upgrade for whatever reason and don't really use webvpn then of course you can just disable it and see if it helps.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...