I am running IOS version 8.0(5) in cisco ASA 5520. This issue i am facing is that when the memory utilzation reaches 49 percent, the web-vpn users are not able to login as they are getting a blank page. The only error which is getting in the output " sh mem webvpn allobjects" is ERROR: Memory allocation failed?
View 2 RepliesI am currently getting a strange error when trying to use and crypto services on our ASA 5520 (8.0.3)Initially I observed that a connected VPN had dropped.Then when I attempted to use ASDM or SSH I was blocked.
In the end I opened telnet as a test and this was successful. Syslog also shows that traffic is passing as normal.The only obvious error I can see when observing various debug traces is this;
FW02# CTM: rsa session with no priority allocated @ 0xCF1FBBA0
CTM: Session 0xCF1FBBA0 uses a nlite (Nitrox Lite) as its hardware engine
CTM: rsa context allocated for session 0xCF1FBBA0
CTM: rsa session with no priority allocated @ 0xCE7A5EA8
[code]....
We have a Cisco 881 router, which is crashing. We have seen that the ARP cache fills up so much it causes things to crash, our phones go down.. We dont know why this however IP CEF seems to be doing it, when we disable it goes away however disabling IP CEF causes our L2TP tunnel to become inoperable also. So why does IP CEF cause thousands of AR entries and how can we limit that!? Below is the error, sample of the ARP cache and our config. You will notice we also have a /31 given to us on WAN interface, this was given to us by our service provider. This is really strange I cant find other examples on internet.
The error:
Nov 1 04:21:57.474: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x81F083F4, alignment 16
Pool: Processor Free: 55176 Cause: Not enough free memory
Alternate Pool: I/O Free: 2352 Cause: Not enough free memory
[code]....
I'm having a problem with the memory and also trying to create some rules on the CISCO ASA. The version that I got installed was the 8.2.5.33 on a CISCO 5520 with 512 RAM, the memory usage is on 99% used, 1% free and because of that when I'm trying to create a new rule the firewall brings me the next error..So what I did was a downgrade to the version 8.2 (4) 4 and the memory went down a little (82% used, 18% free) but I still got the error when I'm creating an access rule on the device. One thing and I'm not sure if this could affect on the performance are the number of access list and the object groups that are created.
I already open a case with CISCO TAC and they are checking if the problem is with the memory capacity or maybe a memory leak.Also the doubt that I got is with the memory that I got now available should I can create access rules or 82 is still to hig to create a rule or and object group?
I am using a Pix515E with 8.0(3) and 128MB RAM. It ran OK for months but has recently had several episodes during which it produced streams of memory allocation failures (syslog 211001). When in this condition I could not log into the VPN. It was still operating but some users were having problems and I eventually had to restart it.
The traffic load is typically 10Mbps, and the max number of connections is around 10,000 but typically 5,000. The CPU usage is 10%-20%. There is 1 VPN with normally 1 client. The memory usage is always high, between 115MB and 120MB but during these problems it creeps higher.
Why might the memory usage be so high when my network load is quite light for the 515E? What circumstances cause the memory usage to increase during operation? Is there anything I can do to prevent the memory usage increasing to the point where the PIX crashes?
I have a second 515E with 8.0(4)32 and 64MB RAM, loaded with the same config. I have not had this one in service, but off-line it is using 53MB of memory. If the spare pix needs 53MB to load the firmware and my config, why does the other one use 115MB?
I am having Cisco 3845 series router with c3900-universalk9-mz.SPA.151-4.M2.bin IOS . I want to install new Licence on it for DATA. When i am trying to install licence on it i am facing the error "% Error: License installation failed with error: XML parsing failed".
View 4 Replies View RelatedRecently i atsrt having problems with my cisco router 1811/k9, apparently was booting continiosly when restarted.
After i connected my console i found the problem while booting:
DDR memory test failed. Resetting the router ...
I tried to contact cisco TAC, but i need a reseller contract number to place a ticket, i do not have a resller contract number as my router was bought more than two years ago. I called cisco support and they told me to contact my reseller, my reseller told me to contact cisco so i am in a eternal loop of forwarding phone calls...
I got an asa5510. After problems with ipsec connections the log said :
LU allocate xlate failed this error repeats every minute. At the cisco site i found the following :
explantion : stateful failover failed to allocate a translation (xlate) slot record recommended Action : check the available memory by using the show memory command to make sure that the security appliance had free memory in the system. If no memory is available, add more memory
But when i do there is free memory. (about 54%)
What can i do to fix this ?
We recently installed Cisco 6509-E with dual Sup 720-BXL. We are using this switch on internet Edge. Internet connection is terminating on 10GIG fiber port.We do have following line cards installed.
1. 10 GIG * 4 port line card
2. 1 GIG * 8 port line card
3. Empty
4. Empty
5. Sup 720-3BXL
6. Sup 720-3BXL
7. 1 GIG * 48 ports
8. 1 GIG * 48 ports
9. 1 GIG * 48 ports
We do have 2 GB internet pipe.We are running load test sending http port 80 request and when load reach to arround 100 to 200 mbps and connections from out side to inside 80,000 switch start reponding very very slow and start packet loss and when I try to ping from one server to second server it show normal ping but if I tried to ping gateway IP of server which is SWITCH IP it show packet loss and very high letancy.
Switch also throw message "No memory available: Update of NVRAM configuration failed"
As soon as I connected my ASR 1002s to the Internet and digested the Internet BGP table, I began receiving this message. I’ve google’d and turned up nothing so far. I assume I need to allocate more memory to this process.
%PLATFORM-4-ELEMENT_WARNING: R0/0: smand: ESP/0: Committed Memory value 312% exceeds warning level 310%
Here's a sh mem:
#sh mem Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)Processor 3008A008 1758530508 647878488 1110652020 1110104020 1109994164lsmpi_io 98FEB1D0 6295088 6294120 968 968 968
I am getting following error on a Cisco 3845 router intermittently.
000312: Sep 26 15:38:19: %CALL_CONTROL-3-STAT_MEMORY_CORRUPTED: Memory corruption detected in memory=69028FA8 allocated for RTCP statistic
000315: Oct 1 08:26:01: %CALL_CONTROL-3-STAT_MEMORY_CORRUPTED: Memory corruption detected in memory=6902E160 allocated for RTCP statistic
Platform: Cisco 3845
IOS: c3845-spservicesk9-mz.124-24.T2.bin
I was looking at my CISCO ASA 5520 and i found something really strange
ciscoasa/VPN-context# sh mem detail
Used memory: 4259249568 bytes (793%)
------------- ----------------
Total memory: 536870912 bytes (100%)
but when I look at the system context this is what I see
ciscoasa# sh mem
Free memory: 170829000 bytes (32%)
Used memory: 366041912 bytes (68%)
------------- ----------------
Total memory: 536870912 bytes (100%)
As far as I know the ASA is working good.
Info of the device
Hardware: ASA5520, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB
l have some problems when l try to access to the switch by telnet or ssh, by the console port , the switch show me the next message:l need restart the switch in order to access it again.
View 5 Replies View RelatedAre the ASA memory DIMMs created for specific models? Would a 1GB 5510 Memory stick work in a 5520?
View 1 Replies View RelatedSince yesterday, i see
Nov 16 13:23:21.355: %SYSTEM_CONTROLLER-3-MORE_COR_ERR: 255 correctable DRAM memory errors in previous hour
Nov 16 13:23:21.355: %SYSTEM_CONTROLLER-3-COR_MEM_ERR: Correctable DRAM memory error. Count 623, log 8053C830
Nov 16 14:23:21.340: %SYSTEM_CONTROLLER-3-MORE_COR_ERR: 255 correctable DRAM memory errors in previous hour
Nov 16 14:23:21.340: %SYSTEM_CONTROLLER-3-COR_MEM_ERR: Correctable DRAM memory error. Count 879, log 8053C810
error on switch console every hour.
ios version : Cisco IOS Software, s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(33)SXJ1, RELEASE SOFTWARE (fc2)
I'm trying to connect my new Dell Dimension 8400 (3.0Ghz/512Mb/XPsp1) to my home wireless network. I installed two diiferent PCI adapter cards in my one available PCI slot -- an older D-Link (11b) and a brand new Netgear (11g) (which Dell Sales assured me is compatible). Both cards detected my Netgear wireless router and provided an excellent internet connection, so I'm assuming they were seated properly. The problem is that every time I shut down the system I get the blue screen of death with the following message:
-Hardware Malfunction
-NMI: Parity Check/Memory Parity Error
-The System has halted
The system runs and shuts down perfectly when the PCI cards are removed. D-Link and Netgear Support technicians told me I have to contact Dell, but Dell Support doesn't seem to have an answer for me. Which wireless PCI adapter cards are truly compatible with Dell hardware?
In my head office we have Cisco 3845 router.in the router we put the show log command the below error is came..
What is the error??why the error came??
25024684: Feb 29 10:33:13.759 India: %FAN-3-FAN_FAILED: Fan 1 had a rotation error reported.
25024685: Feb 29 10:33:33.759 India: %FAN-3-FAN_FAILED: Fan 1 had a rotation error reported.
25024686: Feb 29 10:33:53.759 India: %FAN-3-FAN_FAILED: Fan 1 had a rotation error reported.
25024687: Feb 29 10:34:13.759 India: %FAN-3-FAN_FAILED: Fan 1 had a rotation error reported.
My client is upgrading from anyconnect 2.5.2014 to 3.1.00495. The ASA is running ASA 5520 version 8.2(5)33 and is in an active/standby failover pair.when trying to push out the new 3.1 from the pair to windows 7 and XP machines, he gets the error "Failed to get configuration from secure gateway. Contact your system administrator". When he tries to push 2.5.2014 and 2.5.6005 out from the pair this works fine.When pushing the 3.1 out from a stand-alone test ASA 5520 it works fine.
View 2 Replies View RelatedWhen I try to log-in to my D-Link DIR-835 Router using IE9, I get an 'Authentication Failed' error. FireFox & Chrome work just fine. what I need to change or fix in IE9 so it will also log-in to my router?
View 13 Replies View RelatedWhile installing ISE 3395 i am getting error failed to start DB!
Database is not available withintimeout of 240 seconds.this could be reason of incorrect network configuration or lack of resources on the appliance or VM, run the folloing CLI to re-prime database 'application reset-config ise'
I had upgraded the MSE to 7.0.202. Release code. The Upgrade along with the 4 database zips went smooth.But the MSE status shows following
View 2 Replies View RelatedGetting this error on the data center 2581 (12.4(24)T) from a GRE/IPSEC tunnel, remote branch is 2811 running 12.4(25d)
%CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac verify failed for connection id=
The tunnel has been up and working okay for months, nothing has changed on the config and the key is correct. Traffic is following but remote users are complaining of performance issues. A wireshark shows checksum errors and lots of packet resends. Remote ISP has checked the circuit and says its clean.The data centre router has quite a few tunnels but only 1 causing this issue. From the head end router -
sh crypto ips sa | b x.x.x.x
current_peer x.x.x.xport 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 15129, #pkts encrypt: 15129, #pkts digest: 15129 #pkts decaps: 13346, #pkts decrypt: 13346, #pkts verify: 13346 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 1, #recv errors 1992
Can a VPN module go bad like this? I've tried disabling the branch onboard engine and using software but it doesn't work.
I have new ASA 5520 from the box and i have configured already int g0/1 with ip 10.15.14.5 255.255.255.0 nameif inside kindly see details below the config
[code]....
We have ASA 5520 as SSL VPN concentrator so users can access internal web from outside. Our internal web also has several internet URL. What we want is when user click internet URL in our internal web, ASA forward those request to internal proxy server. I already config proxy using port 8080 and username "companyuser" and password, but always have authentication failed on ssl vpn browser. We uses forefront TMG as proxy. Username and password have right to access Internet.
View 2 Replies View RelatedWhenever I try to goto a webpage within any browser,despite me being connected to my network(though 1 received packet to every 20 or so sent packet ratio) it tells me that DNS lookup failed. I had a similar issue on my other pc that I use more often,though connecting through WIFI momentarily resolved the issue,before I returning to wired,where everything has been fine. My other pc however has no wifi adapter. So ive been stuck.
View 12 Replies View RelatedI have have a XPS L502X. I decided to make a clean installation based on Windows 7 Ultimate.My problem is when I instal the driver for the "Dell Wireless HSPA 5540" it fails with then warning:
"Authentication failed. The .... driver cannot be installed on this computer...."
How to install driver for this ?
I have a pair of ASA 5520 firewalls running in active/standby mode on 8.3.2.34 code. My configuration performs authentication/authorization into ACS 5.1, however command authorization is failing when I try to execute a command on the standby from the active unit...
failover exec standby dir disk0:/
Fallback authorization. Username 'adminuser' not in LOCAL database Command authorization failed
I don't even see the authentication attempt going into ACS.
we have two ASA 5520, on the failover unit is showing LU allocate xlate failed. We read on [URL] that it could be a memory problem , but have cheked it and we have 85% of memory free on both nodes. We also can see all xlate on failover unit.
We have forced failover this evenig and we can´t stablish outbound connexions by outside interface, we think xlates or nat cant work properly.
I am unable to connect to the internet on my desktop computer. The error message I receive is" Download failed(12007) The sever name or address could not be resolved" I am running windows 7. Hooked up to att uverse. My laptop is working as you can see by sending this message. I have been trying to fix this problem for the last 2 days to no avail. I uninstalled norton hoping it was a firewall problem. On the local area connection it shows IPV4 connedtivety: No Network access.
View 2 Replies View RelatedI have just gone through hours of tech support with my ISP and still cannot seem to get online. Problem is the same as recent posts by jerguy1928, with message "DNS lookup failed...." coming up in Google Chrome. Both IE and FF just say cannot connect.Running Windows 7 on laptop. I have tried alt DNS settings (Google and others), all the CMD suggestions, disabling firewalls etc, etc! Other computer in house connects just fine.Ping works fine. Really, there appears to be no reason to not be able to connect - since I am actually connected!
View 13 Replies View RelatedDHCP Client and Network Location Awareness aren't working. When I tried to start DHCP Client, I got Windows could not start the DHCP Client service on the Local Computer.Error 5: Access is denied. I checked the dependencies and all of them were on. For Network Location Awareness, I got the error Windows could not start the Network Location Awareness on Local Computer. For more information, review the System Event Log. If this is a non-Microsoft service, contact the service cendor, and refer to service-specific error code -1073741288. One of its dependencies is fine, but I don't know how to check the other two, Ancillary Function Driver for Winsock and NetIO Legacy TDI Support Driver. Also, how do I check the event log?Everything on the list that was said to check is running expect these two the lisie was having problems with. I have not had anything with memory recently and have not been able to successfully go through a system restore. I have tried many of the suggestions and just am not sure what to do anymore. The computer works perfectly fine, minus it cannot get on the internet.
View 1 Replies View RelatedWhen I try to connect to our domain I get the error message:Changing the Primary Domain DNS name of this computer to "" failed. The name will remain "(name of our domain)" The specified domain either does not exist or could not be contacted.The procedure is the same I've used since Hector was a pup and never had a problem. I can't add users to the domain and can't log on directly to the domain.
View 1 Replies View RelatedI am using URL Snooper to copy URLs from slide share into my hard drive. Although my internet connection is working fine i am getting the message"ERROR:failed to find a suitable network driver". I cannot understand what the problem is" Please assit me in this issu
View 1 Replies View Related