I have an odd problem I am hoping someone can help me with.
I have a Pix 515 firewall Restricted with 16MB Flash and 64MB RAM. Whenever I tried to boot it with version 7.0.8 or 8.0.4, the firewall stays up for about 5 minutes and then it reboot itself every five minutes. With version 7.2.3, it seems to be stable to stay up without reboot.
My configuration is very simple:
nat (inside) 1 0 0
global (outside) 1 interface
access-list External permit ip any any log
access-group External in interface outside
Anyone run into this issue before? Thanks in advance
CiscoPix# sh ver
Cisco PIX Security Appliance Software Version 7.2(3)
Compiled on Wed 15-Aug-07 16:08 by builders
System image file is "flash:/pix723.bin"
Config file at boot was "startup-config"
CiscoPix up 50 mins 7 secs
Hardware: PIX-515, 64 MB RAM, CPU Pentium 200 MHz
Flash xxxxxxx @ 0x300, 16MB
BIOS Flash xxxxxx @ xxxxxx, 32KB
Encryption hardware device : VAC (IRE2141 with 0KB, HW:1.0, CGXROM:1.9, FW:6.5)
0: Ext: Ethernet0 : address is xxxx.yyyy.zzzz, irq 11
1: Ext: Ethernet1 : address is xxxx.yyyy.zzzz, irq 10
2: Ext: Ethernet2 : address is xxxx.yyyy.zzzz, irq 9
Licensed features for this platform:
Maximum Physical Interfaces : 3
Maximum VLANs : 10
Inside Hosts : Unlimited
Failover : Disabled
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Cut-through Proxy : Enabled
Guards : Enabled
URL Filtering : Enabled
Security Contexts : 0
GTP/GPRS : Disabled
VPN Peers : Unlimited
This platform has a Restricted (R) license.
Serial Number: xxxxxxxx
Running Activation Key: 0xxxxxxx 0xxxxxxx 0xxxxxx 0xxxxxxx
Configuration has not been modified since last system restart.
try to see if u can find any crashinfo file saved under the other two codes, if any carsh info u see perhaps we can look at open caveats on those codes .. my gues must be software as pix can stay up in 7.2.3 code.
I knew you were going to ask about the crashinfo file. After the Pix reboot, I see nothing in the flash: except the binary file pix708.bin and pix723.bin files. Maybe the flash: does not have enough space for the crashinfo.
Funny thing is that version 7.0.8 is GD (General Deployment) so one would expect it to be a much more stable version than 7.2.3 which is a Early Deployment (ED) version.
Did you oly used the codes without using asdm image intalls perhaps to leave space for crashfile I assume you probably did, or try other code other than the GD and 8.0.4 .. it could well be new bug hard to tell without crashfile for tac to check.
I'm suspecting a memory issue as I've run across similar issues with a 64MB 515E running 7.2(3).
Please provide the output of 'show blocks'
CiscoPix# sh blocks
SIZE MAX LOW CNT
0 100 100 100
4 300 299 299
80 100 68 100
256 612 504 612
1550 2031 1354 1647
2048 100 100 100
The memory blocks look fine. As far as I know 8.X code has never been supported on the 515E. I'd install 7.2(3) as this is a Cisco-Supported implementation.