Cisco WAN :: 5540 - Memory Utilization Getting Higher When Adding Tunnel
Jul 21, 2011
We terminated about 25 site-to-site VPN tunnels on the Cisco ASA 5540 (2 GB RAM). It appears that the memory utilization is getting higher when adding the tunnel. We are planing to remove those 25 VPN tunnels out 5540, and soon we will add additional 40 VPN tunnels on it. So it will be total around 65 tunnels, and maybe add couple tunnels per year for the future grow, but about 25 VPN tunnels are using at all the time, the others are just backup purpose, standby only. We are looking for the new network device (router or ASA) to accommodate the needs. Which network device is better to handle VPN tunnel for this infrastructure?
View 5 Replies
ADVERTISEMENT
Jul 6, 2011
We want to run ASA 8.4.x on an old ASA5540. We need to upgrade its memory to 2 GB with the following memory upgrade: ASA5540-MEM-2GB=
I suspect that we will completely remove the existing 1 GB of memory and replace it with 2 GB. If this is the case, can I use this 1 GB of memory removed from the ASA5540 and put it in a ASA5510 instead of buying a ASA5510-MEM-1GB= for the ASA5510?
View 2 Replies
View Related
Oct 12, 2011
What causes LMS 4.1 to have high memory utilization?
View 4 Replies
View Related
Jul 6, 2011
I've deployed many Cisco PIX 501 v6.3.3 either as normal firewalling feature and/or with VPN features enabled. I noticed in all my deployments, regardless if it's during peak hours or after office hours, the memory utilization is always consistent 11MB utilized over the total of 16MB(memory default size).
View 3 Replies
View Related
May 11, 2008
I have a remote site customer with a Cisco ASA 5540 running SSLVPN (Anyconnect)(8.03). It currently only serves about 450 SSLVPN clients. Since last friday, they've seen the CPU utilization go up to high 90% while only serving 400+ remote users. I saw some high cpu utilization bugs, but none looked to be relevant. How I can find the root cause of the CPU high utilization?
View 2 Replies
View Related
Jun 1, 2011
Cisco 3845 router (256RAM / 64Flash), increases the cpu utilization upto 70~80 percent, during the time of high utilization, I am unable to run show command on router.The configuration is simple, this is connected with two internet links (24Mbps and 8Mbps) and its about 600~700 users are using internet.show version, show memory and show process cpu outputs are attached here.
View 7 Replies
View Related
May 2, 2013
I was looking at my CISCO ASA 5520 and i found something really strange
ciscoasa/VPN-context# sh mem detail
Used memory: 4259249568 bytes (793%)
------------- ----------------
Total memory: 536870912 bytes (100%)
but when I look at the system context this is what I see
ciscoasa# sh mem
Free memory: 170829000 bytes (32%)
Used memory: 366041912 bytes (68%)
------------- ----------------
Total memory: 536870912 bytes (100%)
As far as I know the ASA is working good.
Info of the device
Hardware: ASA5520, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB
View 3 Replies
View Related
Nov 21, 2012
Just want to check with you about memory utilization on the Asa 5510 ..
Free memory: 19%
Used Memory: 81%
Is this normal? Because we hade a problem this morning and the memory was at 100%..
Device Manager version 6.1(5) 57
Hardware: ASA5510-K8, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB
View 4 Replies
View Related
Aug 7, 2011
We have a Cisco SA520 Router (Firmware 2.1.18)We are only using this for about 1 month now. Router seems ok its justI am worried about the Memory utilization which reach to 62% (144/234 MB)Is this something to worry about?How can I utilize this by lowering down the usage?
View 3 Replies
View Related
Jul 29, 2012
We have a 7206 router which acts as a MPLS Hub router for around 100+ remote locations. Bandwidh at mpls hub(terminated on this router) is 50 Mbps.
We have noticed that Memory utilization in this router gradually increases and when it reaches 100% this router hangs. It happence in frequesncy of 10 days and we have to restart the router when memory is 100%.
CPU utilization is normal i.e below 20%, WAN bandwidth will never cross 30mbps.
We are running OSPF on this router
View 1 Replies
View Related
Feb 15, 2012
We had two PIXes in our environment and working as a active-failover mode. Its noted in now a days the active PIX memory utilization is 98% and for standby PIX it is 96%. And also in some times we were experiencing packet loss to the ip of active PIX and which reflects in the inside servers access also. During that time the active pix was not accessible via ssh as well as ASDM. We have tried reloading the PIX and changing failover state of the PIX, but it results only a temporary solution. Current memory installed is 128 MB (maximum upgraded), so a upgrade is also not possible. Please see the show command outputs from the PIX. Current Software version is 7.2(4)
sh memory output (PIX 1 - active)
Free memory: 4850944 bytes ( 4%)
Used memory: 129366784 bytes (96%)
[code]....
1) How we can pin point the root cause of this high memory utilization?
2) What might be the reason for the high memory utilization for the standby pix (96%), still the PIX is in idle state?
3) Is it a hardware issue or a memory leak issue, then how can we find out?
4) Is a software upgrade to new version resolves the memory issue?
View 10 Replies
View Related
Dec 26, 2012
We have one Catalyst 6506 ( with WS-SUP720-3B, IOS is 12.2(18)SXF14 ) and one Catalyst 6509 ( with WS-SUP720-3B, IOS is 12.2(18)SXF17a ). We used WhatsUP to collect I/O & process memory utilization for both switches. The memory utilization for Catalyst 6509 was ok, but it seems not correct for Catalyst 6506 ( show proc memory displayed the total memory is 512MB, but the WhatsUP displayed only 64MB only )
View 1 Replies
View Related
Oct 26, 2011
We recently installed two 2960, both of them with this fw version:
Cisco IOS Software, C2960S Software (C2960S-UNIVERSALK9-M), Version 12.2(55)SE3, RELEASE SOFTWARE (fc1)
The switches see very few traffic (under 40MB on all interfaces, summed, so far), however, I/O memory utilization is about 80% as can be seen from the show memory command:
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor 2B89A18 73969000 27198964 46770036 45060368 29367536
I/O 6200000 14680064 12185292 2494772 2323116 2380896
Driver te 1A00000 1048576 44 1048532 1048532 1048532
The memory allocated is almost all Packet Data, by init, "sho memory io dead" returns zero, the memory usage seems constant, there are no errors on the log, the switches operate correctly, no packet has ever been dropped, CPU usage is about 4%.
Here I showed info for one switch, the other is in the same situation. I just want to know if this behavior is expected, I don't want to find out problems when the switches will be in production whit real traffic.
View 5 Replies
View Related
Sep 18, 2011
I have the problem that our ciscoworks server gets out of memory after few days. The memory utilization is always getting higher an higher (above 95%). Sometimes it is only after 3 days and sometimes it is after 1 week. So it happens not regularly. I have made an screenshot from the services which use a lot of memory. And at this time the memory utilization is getting higher and higher again....I think there is a problem with tomcat or dbsrv10.exe, there are also a lot of cwjava.exe running.
View 8 Replies
View Related
Sep 13, 2012
We recently added about 400 users to our network for a total of 1000. Looking at the ASDM we are holding very tight to 75% utilization and we have 256mbs. This is also running IOS 8.2(1). Our firewall recently crashed after a major download was forced through it. This was after only being booted up for about a week. We had reloaded it a week prior after having ran it for about a year without issue. We havent made any changes in the last month other than adding more users to our network.
View 3 Replies
View Related
Sep 6, 2012
I have a Switch WS-C3750E-48PD-SF with IOS 12.2(58)SE2 which reports more than 80% in utilization of memory I don't know what is causing the high memory utilization.
View 14 Replies
View Related
Aug 21, 2012
We have 2 CSACS 1121 with Cisco ACS 5.2.0.26.10 The primary server manages 20000+ authentications per day. Its memory utilization increases everyday. It is now at 83% , there a limit?,What will happen when memory utilization reach this limit?,What can we do to purge memory utilization? (reboot, service restart.
View 11 Replies
View Related
Dec 6, 2011
I've noticed that my 6509's running VSS seem to have high I/O memory utilization.
I/O memory: Sw/Mod Bytes: Total Used %Used
1/1 8126344 7886544 97%
1/2 11796240 11442472 97%
1/5 RP 12058384 10715832 89%
1/5 SP 8388608 8104304 97%
1/7 8126344 7886544 97%
[code]....
View 5 Replies
View Related
May 2, 2013
I noticed on the 2960 switches we have deployed that are running the latest IOS, 12.2(58)SE2, memory utilization is really high (almost 80 percent). I have not noticed any side effects but I wanted to verify this is acceptable. My question is does the high memory utilization matter? I see this may be related to bug CSCtw83946 but no resolution is mentioned.
I did some testing various IOS revisions and below is what I have found using a WS-C2960-48TC-L with default configuration and only my laptop connected to a switchport in vlan1. You will notice memory utilization will grows with each version but jumps drastically with 58. One difference with 58 I needed to use a different command to retrieve memory utilization. The output was gathered by pasting the output of the show command into the Cisco Output Interpreter on their website.
IOS
Show Command
Output
c2960-lanbasek9-mz.122-35.SE5.bin
show memory
[Code]....
View 8 Replies
View Related
Nov 9, 2012
I am facing high memory utilization in Cisco 2960 switch having IOS version 12.2(55)SE3.
The error we are getting is:
A "LiveHealthAlarm" event has occurred, from SwCiscoIOS device, named Switch2960. eHealth Alarm Start Time - Fri 09 Nov,2012 - 03:02:48 eHealth. Switch2960-RH-MemoryPool-Processor-Processor-1.Memory utilization high-Threshold set at 70%SPECTRUM ALARM ID|22233284 I have attached the logs also.
View 3 Replies
View Related
Jan 21, 2012
I have a new cisco 3750 stack comprised of 8 members (6 x 3750G-48PS and 2 x 3750V2-48PS) running 'c3750-ipservicesk9-mz.122-58.SE2.bin'. I am seeing high memory utilisation, it seems to sit fairly stable and I do not see an increase but this has only been running a few days. No errors or performance issues. Should this be a cause for concern?
View 3 Replies
View Related
Jun 11, 2013
We had a stack of 4 qty 3750g running IP base on ver 12.2.32, then installed a 3750x to the stack and upgraded the whole stack to 15.0.2 SE3. In doing so, we noticed that the memory utilization jumped from 60-70% to 83-84%.
We had the same issue occur when upgrading to 15.0.2 SE3 on another stack that was 6 qty 3750g running ip-services, but this one jumped to 90%. On the 6 qty stack, we downgraded to 12.2.55 and the memory util went back down to 60-70%.
On the mixed stack, we replaced the 3750x with another 3750g and downgraded the whole stack to 12.2.55, however, the memory utilization did not drop down. As far as I can tell, no config changes have changed from the original IOS.
View 4 Replies
View Related
Nov 8, 2011
I upgraded the newest IOS 15.0(1)SE for our SW C2960-24-TT-L, the process was succeseful. However, we found SW memory utilization raised to 82% this morning in normal situation. (Momery: Total 21341260, Used17471692) Did you guys meet the same problem after upgrading to 15.0(1)SE? I also would like to know what the normal memory utilization is? and what is the impact of memory utilization highly?
View 8 Replies
View Related
Mar 5, 2013
I upgrade the IOS of my switch 3560 from C3560-IPBASE-M), Version 12.2(25)SEB4, To C3560-IPBASEK9-M), Version 12.2(55)SE5 after that the utilizatio of the memory increase to 80% I attached the output of show memory statistics history
View 5 Replies
View Related
Apr 15, 2012
I am writing with regard to a high memory utilization that we have on a pair of line card WS-X6748-GE-TX and WS-X6724-SFP for a VSS 6500. I am enclosing a little part of the "show tech"of this VSS 6500 where is possible to see the high memory utilization of the line cards 1/1, 1/2, 2/1, and 2/2, in despite of having some ports in state connected. In addition of this, the IOS installed on VSS 6500 is s72033-ipservicesk9_wan-vz.122-33.SXI6.bin for checking if there are some bugs affecting the behaviour of the Switch for this case.
System Resources
PFC operating mode: PFC3C
Supervisor redundancy mode: administratively sso, operationally sso
Switching resources: Sw/Mod Part number Series CEF mode
1/1 WS-X6748-GE-TX CEF720 CEF
1/2 WS-X6724-SFP CEF720 CEF
[code]....
View 1 Replies
View Related
May 3, 2011
I need to configure multicast between 2 Csico 5540's lan to lan ipsec tunnel for a Voip application.
View 2 Replies
View Related
Apr 18, 2013
i have cisco asa 5540, users access vpn through anyconnect, i have applied split tunnel so that all users accessing internal network (10.0.0.0) grows through tunnel and other traffic through internet.. working fine.i want to fully tunnel one user so that all his traffic goes through the tunnel, what is the best way to do it, "is there any guide (step by step)"
View 3 Replies
View Related
Aug 7, 2011
We have ASA 5540. We setup Site-to-Site VPN and Remote Access VPN (Cisco VPN client). If are running full tunnel on the Cisco VPN client, the internet access is slow. For example, when we are running full-tunnel, the internet speed is 16 Mbps based on Speedtest.net. When we go to Speedtest.net, some of the graphics do not load. If we are running Split-tunnel, the internet access speed is 78 Mbps based on Speedtest.net and the Speedtest.net web site loads all the graphics.
View 6 Replies
View Related
May 31, 2012
This has to be the most weirdest issue I have seen since the past year on my ASA. I have an ASA 5540 running the 8.4(2) code without any issues until I stumbled upon this problem last week and I have spent sleepless nights with no resolution! So, take a deep breath and here is a brief description of my setup and the problem:
A Simple IPSEC tunnel between my ASA 5540 8.4(2) and a Juniper SSG 140 screen OS 6.3.0r9.0(route based VPN)
The tunnel comes up without any issues but the ASA refuses to encrypt the traffic but decrypts it with GLORY! below are some debug outputs, show outputs and a packet tracer output which also has an explanation of my WEIRD NAT issue:
My setup - ( I wont get into the tunnel encryption details as my tunnel negotiations are **** perfect and comes up right off the bat when the ASA is configured as answer only)
CISCO ASA - IPSec networking details
LOCAL NETWORK - 10.2.4.0/28
REMOTE NETWORK - 192.168.171.8/32
JUNIPER SSG 140 - IPSec networking details
PROXY ID: LOCAL NETWORK - 192.168.171.8/32
REMOTE NETWORK - 10.2.4.0/28
HOST NAME# sh cry ipsec sa peer <JUNIPER SSG PEER>
peer address: <JUNIPER SSG PEER>
[code]...
As you can see, there is no echo reply packet at all as the packet is not being encapsulated while it is being sent back. I have been going mad with this. Also, this is a live production multi tenant firewall with no issues at all apart from this ****** ip sec tunnel to a juniper!!
Also, the 192.168.10.0/24 is another IP Sec tunnel remote network to this 10.2.4.0/28 network and this IP SEC tunnel has a similar Juniper SSG 140 screen os 6.3.0r9.0 at the remote end and this woks like a charm without any issues, but the 171 is not being encrypted by the ASA at all.
View 2 Replies
View Related
Sep 8, 2011
We have a Cisco ASA 5520 supporting multiple VPNs - both remote-access and Lan-to-Lan. We would like to monitor the bandwidth utilization of the IPSec Lan-to-Lan tunnels.
View 3 Replies
View Related
Apr 10, 2012
We have an ASA5520 version 8.3(1) We have an existing VPN tunnel between us and our partner site. We need to add a new vlan to our existing VPN tunnel.
Where do we need to add the new vlan to in ASDM interface? Looking through using ASDM, I found 3 places.
Site-to-Site VPN:
1) Connection profiles
2) Advanced > crypto maps
3) ACL Manager
View 5 Replies
View Related
Aug 26, 2012
We have a Cisco 3845 router for Site 2 Site VPN tunnels to external business partners. The IOS is (C3845-ADVIPSERVICESK9-M), Version 12.4(15)T8.One of our partners is doing a DR test and needs to have us swing the VPN traffic to another peer in a test location temporarily. I plan on adding the test hosts to our existing encryption ACL, but instead of building another crypto map, I was wondering if I can add a secondary peer to the existing one?
View 3 Replies
View Related
Nov 1, 2011
I am having issues getting my ASA 5540 at site A, to pass TFTP and SYSLOG from itself across the IPSEC tunnel to our SYSMON servers (Syslog and TFTP) that live at site B. I have followed the suggestions of other threads and I am still not getting anywhere. Here is a quick topology diagram.
View 6 Replies
View Related
