Cisco Firewall :: High CPU Util Due To Syslog In PIX 515E 7.2(4)

Dec 14, 2011

I am facing high cpu util  issue   80% in pix 515E with IOS 7.2(4).When a syslog is enable for informational/warnings level traps the util goes to 80% where as other wise it is observed to be 36-37%.When i changed the trap level to alert the util seems to be normal, only the issue is when warning and info traps are configured, prior to the issue the same settings were working absolutely fine ,suddendly the util issue has occured.

View 3 Replies


ADVERTISEMENT

Cisco Firewall :: High Cpu Utilization On Pix 515E?

Aug 9, 2012

I am facing high CPU util on my pix 515 E which is in failover mode.During peak hours the util is see rising to 60% where as in off peak hours it is normally12%.
 
During normal operation the average utilisation was observed to be 30% but suddenly from 2/3 days it is constantly 60% doule the value as earlier. Have gone through the logs and traffic but not able to tarce anything particular
 
below is the o/p of some command taken for analysis
 
IOS version 8.0(4) 
sh cpu usage
CPU utilization for 5 seconds = 51%; 1 minute: 61%; 5 minutes: 58%
sh cpu usage

[Code]......

View 1 Replies View Related

Cisco Firewall :: Very High Memory Utilization In PIX 515e?

Feb 15, 2012

We had two PIXes in our environment and working as a active-failover mode. Its noted in now a days the active PIX memory utilization is 98% and for standby PIX it is 96%. And also in some times we were experiencing packet loss to the ip of active PIX and which reflects in the inside servers access also. During that time the active pix was not accessible via ssh as well as ASDM. We have tried reloading the PIX and changing failover state of the PIX, but it results only a temporary solution. Current memory installed is 128 MB (maximum upgraded), so a upgrade is also not possible. Please see the show command outputs from the PIX. Current Software version is 7.2(4)
 
sh memory output (PIX 1 - active)
 Free memory:         4850944 bytes ( 4%)
Used memory:       129366784 bytes (96%)

[code]....
 
1) How we can pin point the root cause of this high memory utilization?

2) What might be the reason for the high memory utilization for the standby pix (96%), still the PIX is in idle state?

3) Is it a hardware issue or a memory leak issue, then how can we find out?

4) Is a software upgrade to new version resolves the memory issue?

View 10 Replies View Related

Cisco Firewall :: ASA 5500 Syslog Not Getting Captured In Centralised Syslog Server

Jan 15, 2012

Recently i have upgraded the IOS of ASA5550 (in HA mode) to 8.4.2 from 8.0.5, after OS upgrade we found that the syslog from thses firewalls are not getting captured/transfered to centralised syslog server. The server is reachable from the firewalls.

View 3 Replies View Related

Cisco Firewall :: Import PIX 515E 6.3(5) Config Into New PIX 515E 8.0?

Aug 22, 2011

I need to redo the configuration on the new one?

View 11 Replies View Related

Cisco WAN :: High CPU Utilization Is 2600 Due To Syslog Traps

Sep 21, 2011

Iam facing an issue with high cpu utilization of cisco 2600 router . When i give show cpu process command i can see three  process are using high cpu those are as below
 
Router #sh proc cpu sorted
CPU utilization for five seconds: 90%/3%; one minute: 92%; five minutes: 87%
PID    Runtime(ms)    Invoked        uSecs    5Sec      1Min         5Min      TTY   Process
79       34734981       380093         91388    61.99%    60.36%    55.28%    0     Syslog Traps
70      3468095320    810529544     4278    14.41%     16.05%    16.15%    0      Encrypt Proc
32      2386134243    2409465973      0       6.79%       6.40%       6.57%    0      IP Input
 
What may be causing this issue.

View 2 Replies View Related

Cisco WAN :: After IOS Upgrade To 15.x On 2811 MEM Util Raised From 20 To 43 Percent

May 29, 2012

after IOS upgrade to 15.x on Cisco2811 MEM util raised from 20% to 43%. Is it critical?Which level of MEM utilization is critical?

View 6 Replies View Related

Cisco Firewall :: ASA 5510 7.2.1 High Traffic On Outside Interface Very High Input?

Oct 13, 2011

Today I've received reports of slow internet access/activity and have noticed myself that it seems a bit slow today.  On the dashboard of our asa 5510 the "outside interface" traffic usage is running constantly high. It's at the top of the graph. How can I tell what is causing the spike in utilization. It usually runs at about 1500-2000 Kbps, and now it's up over 10,000.

View 6 Replies View Related

Cisco Routers :: SA 500 - Ability To Send Syslog Events To Multiple Syslog Servers

Jul 7, 2012

Add the ability to send syslog events to multiple syslog servers in the SA500 Series routers.  I know the functionality is currently in the RV220W because we utilized it.  It would be great if you could configure the syslog servers by event type as well.  For example, being able to send the kernel events to syslog server A, and all other events to syslog server B.

View 0 Replies View Related

Cisco Firewall :: 5550 Firewall Syslog Message

Feb 22, 2013

I have cisco 5550 Firewall, one messages appear in syslog server from Firewall, (warning) i want to stop this message from appearing syslog traps.

View 2 Replies View Related

Cisco Firewall :: SNMP V3 Support IOS On Pix Firewall 515E?

Jun 13, 2012

I have an Pix 515E firewall with Pix724-33.bin IOS. I just want to know that does this IOS support SNMPV3 or I will have to upgarde it with some other version.

View 1 Replies View Related

Cisco Firewall :: 515e / Traffic Not Passing Through Firewall?

Jan 16, 2013

Ive got a problem with passing traffic through a Cisco 515e firewall.im trying to telnet to devices on the inside net, 172.16.x.x fom an outside net 10.x.x.x? ive configured a group called infrastructure and added the 10.x.x.x addresses.ive configured acl 101 inbound on the outside interface:

access-list 101 permit tcp object-group INFRASTRUCTURE any eq telnet
 
theres a route to the inside net:

inside 172.16.0.0 255.255.0.0 172.16.163.1
 
and theres a translation:

static (inside,outside) 10.4.4.34 10.4.4.34 netmask 255.255.255.255
 
when i try and connect, using a packet capture  I can see traffic from 10.4.4.34 to the inside device 172.x.x.x on the inside interface but i cant see the traffic leave the outside interface ive used the same group infrastructure group before to connect to VM machines on the 172.x.x.x net on RDP and this wrks ok. access-list 101 permit tcp object-group INFRASTRUCTURE object-group VMs eq 3389

View 8 Replies View Related

Cisco Firewall :: Transparent Firewall Configuration In PIX 515E

Nov 25, 2012

I am trying to set the PIX firewall to transparent mode.After I set it to transparent firewall, I allowed all icmp, tcp, udp traffics.Currently, any devices in the inside network can get the ip automatically from DHCP server in the outside network but cannot ping to any servers in the outside network either access the internet.Do I need additional confiration on the firewall?
 
Here's the configuration:
 
PIX Version 7.0(1)
firewall transparent
names
!
interface Ethernet0
[Code]....

View 1 Replies View Related

Cisco Firewall :: 515e / Nating On Pix Firewall?

May 20, 2013

I have Pix firewall 515e on inside interface its has configured with IP 192.168.0.254.And Global Nating is configured.

global (outside) 1 interface
nat (inside) 1 192.168.0.0 255.255.255.0 0 0 
 
I want i configured Global nating only for only specific IP address E.g 192.168.0.0-192.168.0.30 and 192.168.0.200-192.168.0.254?How i do this?

View 13 Replies View Related

Cisco Firewall :: PIX 515e MAC To IP?

Oct 6, 2012

I have the following network.2 WAN links termination on my PIX 515e and all internal users connected to third interface.
 
Problem I am facing is that I have assign manual IP to users with some have full access to Internet while others have limited.
 
The users are changing their IP address while others are offline and I want to restrict them.
 
The only way I can think off is by binding IP to MAC as e.g ( Active wall software). But can it be done on PIX 515e and if so how?

View 11 Replies View Related

Cisco Firewall :: To Get Activation Key For PIX 515E

May 13, 2012

I have erased the Cisco image from my PIX 515E, and while i tried to load a new image its asking for activation key. I tried its old key. but no use.

View 1 Replies View Related

Cisco Firewall :: SSH Authentication In PIX 515E?

Sep 5, 2012

I have a PIX 515 Ewhich does authentication for SSH via RADIUS protocol and fails over to the local database if radius server goes offline. But when the radius server comes back online, authentication still takes place through LOCAL and not the radius server. Following are the commands:
 
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10

[Code].....

View 3 Replies View Related

Cisco Firewall :: PIX 515E Cannot Get Traffic Out

Dec 15, 2011

\I just configure my PIX 515E with version 7.0(4) and having problems to get traffic out on eth0 (if name outside). There is no problems between different VLAN ,all VLANs are configure on eth1. It is also possible to accass services on VLAN 10 (DMZ) from outside. The only thing I see in syslog is "Built Outbound" and "Teardown".

View 11 Replies View Related

Cisco Firewall :: NFS Protocol Across Pix 515E

Dec 30, 2011

I have a Pix 515E running PixOS version 8.0.4 with two interfaces, inside and outside.On the inside interface, I have a Redhat Enterprise Linux 5.4 64 bits machine as an NFS server version 4 (NFSv4).On the outside interface, I have three (3) Redhat Enterprise Linux 5.4 64 bits as NFS clients.I am looking for the exact UDP and TCP ports to be added to the ACL in order to accomplish

View 1 Replies View Related

Cisco Firewall :: Upgrading Pix 515E To ASA

May 15, 2012

I need ot upgrade a Cisco PIX 515 E to A Cisco ASA (not sure what type and modle yet!). the PIX currently has about 80 lines of ACLs and no VPNs. So only inside and outside interfaces and 80 lines of ACLs to be transferred over to the ASA.I was wondering if the ACLs can be transferred over to ASA as is?is there anything that I need ot watch for?

View 1 Replies View Related

Cisco Firewall :: TCP Tear-down In Pix 515e

Jun 30, 2011

I have an issue in the Cisco PIx 515e series. The IOS is 6.1(2).I have set sepecific access-list to allow incoming traffic to inside interface. But still the TCP 3-way handshaking is dropped here. [code]

View 6 Replies View Related

Cisco Firewall :: How To Allow Protocol 97 In PIX 515E

Oct 22, 2012

What would be the access-list entry to allow protocol 97? I am setting up foreign-anchor controller and need to allow protocol 97.

View 1 Replies View Related

Cisco Firewall :: ASA 5510 Syslog Configuration?

Jul 30, 2011

i want to configure asa 5510 to send syslog messages to syslog server which i placed in my inside interface. also if enableing syslog will inrease the cpu utilization or memory? the necessary configuration parts?

View 1 Replies View Related

Cisco Firewall :: Syslog Output Not Going To ASA 5510 On 8.2.2

May 24, 2011

I have an asa5510 on 8.2.2.  I have my logging configuration as below [code] I am not getting any syslog output to the syslog server.  I'm using kiwi syslog server latest version.  Have tried disabling/reenabling logging and changing inside host destinations.  Is there another command needed

View 4 Replies View Related

Cisco Firewall :: Syslog Server Setup Pix 6.2?

May 9, 2011

I need to setup a syslog server for PIX w/ 6.2 and was hoping to get detailed instruction how to go about it. I would like exact syntax w/ an example on the pix and any configuration on the computer that will be receiving the log info.  I have downloaded tftpd32 onto computer

View 1 Replies View Related

Cisco Firewall :: ASA 5510 ACE Syslog Configuration

Dec 5, 2012

I've a problem with syslog logging on my Cisco ASA 5510 version 8.2(1). I need to:

- 1) log some ACL with warning level to log deny access.
- 2) log some ACL with informational level to log permit and deny access (notification level log only deny access and not permit access).
- 3) not log others ACL.
 
For 1), I configured the syslog server with warnings level and i enabled the logging rules with default level (syslog default level)
logging enable logging trap warnings logging host "interface" "host" . access-list "interface" extended permit ip any any log default.
    
For 2), I enabled the logging rules with specific level (informational).
access-list "interface" extended permit ip any any log 6 interval 300.
 
For 3), I disabled the logging rules.
access-list "interface" extended permit ip any any log disable
 
My problem is that the syslog logging level bypass the ACL logging level. Even if some ACL are configured with informational level, the ASA send only warnings logs to the syslog. I tried to configure the syslog default level to warnings, to remove the ACL and then put it back again with the specific logging level but I still have the problem.

View 1 Replies View Related

Cisco Firewall :: Pix 515E Could Configure The Device

Oct 2, 2012

We just switched over from a T1 line to 50/4 Mbps cable Internet.  The speed was fine with the T1, but when we switched over to cable, the  download speeds didn't increase.  I'm getting 2-3 Mbps up and still only 1.5 Mbps down.  I inherited this network a few years ago, so I didn't configure the Pix initially but I have been managing it and can't find a setting limiting the bandwidth for the liffe of me.  I know it's not the Internet because when I connect a computer straight to the modem, the speed is great.  As soon as I put it through the Pix though, it slows way down. 

View 8 Replies View Related

Cisco Firewall :: PIX 515E Port Redirection?

Nov 30, 2011

I'm trying to use port redirection to allow outside access to a internal web server. As far as I can see, everything is configured properly. The Open Port Checker tool from yougotsingle.com says that the port (80) is open. However when I goto access it the connection times out.     The external address is static from my ISP, and I will call it xxx.xxx.xxx.xxx. The server is at 10.1.1.20, and is functioning properly over the LAN.

View 7 Replies View Related

Cisco Firewall :: How To Reset PIX 515E Password

Mar 29, 2011

I have Cisco PIX 515E for my Lab and can't recover the password. It is not connected to the network. I have configured server, address, gateway from the monitor mode and tftp not seeing my laptop. best way to reset or recover password.

View 7 Replies View Related

Cisco Firewall :: ASDM 524 Not Working On PIX 515e 7.2.4(30)

May 21, 2012

I've been struggling to get ASDM (PDM) installed and running on my PIX 515e. The PIX IOS version is 7.2.4(30) The ASDM version I've copied to flash is 524.

I've followed the Cisco documentation verbatim, however I still cannot connect via the Java ASDM client or via http. When I try to connect via http, my PIX shows the following error: "tcp access denied by acl from..." I do not this this is a security (ACL) issue as I've tested after opening everything up and still no luck.
 
Here's my running config (w/ the relevant statements prepended with ">>>"):
  
show run
: Saved
:

[Code]....

View 14 Replies View Related

Cisco Firewall :: PIX 515E Stop Booting Up?

Sep 18, 2011

I have the following Pix 515E Firewall, that has been working good for a few years.  But suddenly, the Pix stop booting up.  The only thing that is happening is the power and network traffic led flashes and the active led is off. So my question is that is this symptom a hardware or software problem and is it fixable with either new parts; or is my firewall dead.  I suspect that it is a hardware problem since the active led doesn't light up. I cann't even enter the ROM Moniter mode.

View 7 Replies View Related

Cisco Firewall :: Clearing DF-bit On PIX-515e Running 6.3

Feb 16, 2012

What would be the command to clear the df-bit on a PIX-515e running 6.3? I have tried the following:
 
conf t crypto ipsec df-bit clear-df inside and it doesn't take it.

View 1 Replies View Related

Cisco Firewall :: PIX 515E 6.3.3 - DMZ Creation Doubts

Jul 26, 2011

I need to create a DMZ zone in my network. One server need to be put in DMZ. I have a PIX 515E 6.3.3. It has free port to create DMZ.

1) Put a new switch for DMZ zone
2) Connect it to the DMZ port
3) Create a NAT for inside to DMZ with same IP as inside
4) Create ACL for permiting traffic to DMZ and apply it to outside interface
5) Create ACl for permitting traffic from DMZ to inside
6) Routing for DMZ in PIX

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved