Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ISA570 Web interface stops working

We have a ISA570, and then we make changes sometimes the web interface will crash and then completely stop responding, and then no longer loads until we hard reset the router.

However the firewall continues to pass packets, etc.

When the problem occurs the only thing that seems to be logged are the following errors. Be aware these are all repeatedly logged, I've truncated them down. Additionally we're syslog shipping to capture these, so given the box is on it's ass when this happens I'm unsure if these are complete:

11 2014-10-31 09:40:31 Oct 31 09:40:31 router321142 - Err - System:  sdsd: open_control_msgq: Failed to open sdsd control message queue, errno = 9 (Bad file descriptor)
11 2014-10-31 09:40:31 Oct 31 09:40:31 router321142 - Err - System:  sdsd: msgq_open: Error: mq_open() failed on msg queue /sdsd, errno = 2
11 2014-10-31 09:40:31 Oct 31 09:40:31 router321142 - Err - System:  sdsd: open_control_msgq: Failed to open sdsd control message queue, errno = 9 (Bad file descriptor)
11 2014-10-31 09:40:31 Oct 31 09:40:32 router321142 - Err - System:  sdsd: msgq_open: Error: mq_open() failed on msg queue /sdsd, errno = 2
11 2014-10-31 09:40:31 Oct 31 09:40:32 router321142 - Err - System:  sdsd: open_control_msgq: Failed to open sdsd control message queue, errno = 9 (Bad file descriptor)
11 2014-10-31 09:40:31 Oct 31 09:40:32 router321142 - Err - System:  sdsd: msgq_open: Error: mq_open() failed on msg queue /sdsd, errno = 2
11 2014-10-31 09:40:31 Oct 31 09:40:32 router321142 - Err - System:  sdsd: open_control_msgq: Failed to open sdsd control message queue, errno = 9 (Bad file descriptor)

I've just tried Cisco support for this, but as we bought the box 13 months ago we're not eligible for support. Frankly thats pissed me off a bit, as it started doing this just prior to the warranty expiring and whilst I understand to an extent I'm not inclined to renew the security services license and bin the box right now.

We've tried disabling various different parts of the configuration, etc. we're on firmware version 1.2.20, but it was also happening under 1.2.17. Unfortunately sometimes it can go for weeks without this happening, or sometimes it may be within minutes of a reboot. The only trigger appears to be when we make changes, but its not all changes, and there is no consistency as to what changes we make.

The only thing I've not yet tried is backing up the configuration, factory resetting it and reloading the config - I'd gladly take any other suggestions or advice.

2 REPLIES
New Member

Just incase anyones

Just incase anyones interested, I've managed to resolve this by turning off the security services. Thus far we've been several weeks with any crash. Seems to have no pattern as to which particular security service was causing it.

A factory reset and reflash did not help.

New Member

Yeah, I have two of them and

Yeah, I have two of them and we are still running 1.2.15 as it was the most stable out of any of the firmwares we tested.   Unfortunately, these things became basically end of life the year we bought them and we had no idea lol. Some issues I have seen are, can't use SSL as the heartbleed patch isn't applied in this firmware version. Also, it has issues where the browser stops responding, which locks up the web interface for a little bit.   I can't even get syslog sent to my computer from this firewall, it doesn't seem to send any data at all according to wireshark.  Another issue is if you have two isp's with failover set to ON, I can ping both WAN interfaces from the outside just fine.  However, If you disable failover, ping seems to always work to one WAN interface, but pinging the other WAN works for a bit and then stops responding to ping all together at random times.  This makes it hard for our ISP and our software to monitor our connectivity.  Other firmware versions were randomly rebooting on us and were showing tons of errors in the log so we gave up on those versions, stuck on .15 till we can get these replaced.    

178
Views
0
Helpful
2
Replies
CreatePlease login to create content