文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
社区首页 >问答首页 >ASA突然停止工作

ASA突然停止工作
EN

Network Engineering用户
提问于 2018-07-02 13:48:27
回答 1查看 1.6K关注 0票数 2

我的ASA 5516突然停止工作。没有在/出站流量,平到内外接口失败。

在设备运行超过6个月之前。

在问题发生时,只记录在syslog中的丢弃消息,例如:

代码语言:javascript
复制
Jun 29 08:55:48 192.168.100.1 %ASA-4-733100: [ Scanning] drop rate-1 exceeded. Current burst rate is 2 per second, max configured rate is 10; Current average rate is 13 per second, max configured rate is 5; Cumulative total count is 7913,2018-06-29T08:55:48.000+0200
Jun 29 08:56:08 192.168.100.1 %ASA-4-733100: [ Scanning] drop rate-1 exceeded. Current burst rate is 2 per second, max configured rate is 10; Current average rate is 13 per second, max configured rate is 5; Cumulative total count is 7876,2018-06-29T08:56:08.000+0200
Jun 29 08:56:29 192.168.100.1 %ASA-4-733100: [ Scanning] drop rate-1 exceeded. Current burst rate is 3 per second, max configured rate is 10; Current average rate is 12 per second, max configured rate is 5; Cumulative total count is 7759,2018-06-29T08:56:29.000+0200
Jun 29 08:56:49 192.168.100.1 %ASA-4-733100: [ Scanning] drop rate-1 exceeded. Current burst rate is 2 per second, max configured rate is 10; Current average rate is 12 per second, max configured rate is 5; Cumulative total count is 7709,2018-06-29T08:56:49.000+0200
Jun 29 08:57:09 192.168.100.1 %ASA-4-733100: [ Scanning] drop rate-1 exceeded. Current burst rate is 2 per second, max configured rate is 10; Current average rate is 12 per second, max configured rate is 5; Cumulative total count is 7606,2018-06-29T08:57:09.000+0200
Jun 29 08:57:09 192.168.100.1 %ASA-4-733100: [ Scanning] drop rate-2 exceeded. Current burst rate is 0 per second, max configured rate is 8; Current average rate is 10 per second, max configured rate is 4; Cumulative total count is 36538,2018-06-29T08:57:09.000+0200
Jun 29 08:57:29 192.168.100.1 %ASA-4-733100: [ Scanning] drop rate-1 exceeded. Current burst rate is 3 per second, max configured rate is 10; Current average rate is 12 per second, max configured rate is 5; Cumulative total count is 7504,2018-06-29T08:57:29.000+0200
Jun 29 08:57:49 192.168.100.1 %ASA-4-733100: [ Scanning] drop rate-1 exceeded. Current burst rate is 2 per second, max configured rate is 10; Current average rate is 12 per second, max configured rate is 5; Cumulative total count is 7417,2018-06-29T08:57:49.000+0200
Jun 29 08:58:09 192.168.100.1 %ASA-4-733100: [ Scanning] drop rate-1 exceeded. Current burst rate is 3 per second, max configured rate is 10; Current average rate is 12 per second, max configured rate is 5; Cumulative total count is 7308,2018-06-29T08:58:09.000+0200
Jun 29 08:58:29 192.168.100.1 %ASA-4-733100: [ Scanning] drop rate-1 exceeded. Current burst rate is 3 per second, max configured rate is 10; Current average rate is 12 per second, max configured rate is 5; Cumulative total count is 7235,2018-06-29T08:58:29.000+0200

还有一条可疑的消息,但这已经持续了好几个月了。

代码语言:javascript
复制
Jun 29 09:02:38 192.168.100.1 %ASA-3-341011: Storage device with serial number MSA2101XXXX in bay 0 faulty

我能够通过串行接口进入设备,在停机时,我检查了默认网关的ARP缓存--记录是有效的。

在重新加载过程中,出现了以下消息:

代码语言:javascript
复制
 Jun 29 10:09:50 192.168.100.1 %ASA-3-341008: Storage device not found. Auto-boot of module sfr cancelled.  Install drive and reload to try again.

不确定,但是存储设备有可能造成这种情况吗?

如果再次发生这种情况,你会建议做什么或者你会尝试什么?

Thx马特

代码语言:javascript
复制
xx-xx-asa01# show ver

Cisco Adaptive Security Appliance Software Version 9.7(1)
Firepower Extensible Operating System Version 2.1(1.66)
Device Manager Version 7.7(1)

Compiled on Mon 16-Jan-17 09:00 PST by builders
System image file is disk0:/asa971-lfbff-k8.SPA
Config file at boot was "startup-config"

xx-xx-asa01 up 3 days 4 hours

Hardware:   ASA5516, 8192 MB RAM, CPU Atom C2000 series 2416 MHz, 1 CPU (8 cores)
Internal ATA Compact Flash, 8000MB
BIOS Flash M25P64 @ 0xfed01000, 16384KB

Encryption hardware device : Cisco ASA Crypto on-board accelerator (revision 0x1)
                             Number of accelerators: 1

 1: Ext: GigabitEthernet1/1  : address is 70db.989d.bf2e, irq 255
 2: Ext: GigabitEthernet1/2  : address is 70db.989d.bf2f, irq 255
 3: Ext: GigabitEthernet1/3  : address is 70db.989d.bf30, irq 255
 4: Ext: GigabitEthernet1/4  : address is 70db.989d.bf31, irq 255
 5: Ext: GigabitEthernet1/5  : address is 70db.989d.bf32, irq 255
 6: Ext: GigabitEthernet1/6  : address is 70db.989d.bf33, irq 255
 7: Ext: GigabitEthernet1/7  : address is 70db.989d.bf34, irq 255
 8: Ext: GigabitEthernet1/8  : address is 70db.989d.bf35, irq 255
 9: Int: Internal-Data1/1    : address is 70db.989d.bf2d, irq 255
10: Int: Internal-Data1/2    : address is 0000.0001.0002, irq 0
11: Int: Internal-Control1/1 : address is 0000.0001.0001, irq 0
12: Int: Internal-Data1/3    : address is 0000.0001.0003, irq 0
13: Ext: Management1/1       : address is 70db.989d.bf2d, irq 0
14: Int: Internal-Data1/4    : address is 0000.0100.0001, irq 0

Licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      perpetual
Maximum VLANs                     : 150            perpetual
Inside Hosts                      : Unlimited      perpetual
Failover                          : Active/Active  perpetual
Encryption-DES                    : Enabled        perpetual
Encryption-3DES-AES               : Enabled        perpetual
Security Contexts                 : 2              perpetual
Carrier                           : Disabled       perpetual
AnyConnect Premium Peers          : 4              perpetual
AnyConnect Essentials             : Disabled       perpetual
Other VPN Peers                   : 300            perpetual
Total VPN Peers                   : 300            perpetual
AnyConnect for Mobile             : Disabled       perpetual
AnyConnect for Cisco VPN Phone    : Disabled       perpetual
Advanced Endpoint Assessment      : Disabled       perpetual
Shared License                    : Disabled       perpetual
Total TLS Proxy Sessions          : 1000           perpetual
Botnet Traffic Filter             : Disabled       perpetual
Cluster                           : Enabled        perpetual
Cluster Members                   : 2              perpetual
VPN Load Balancing                : Enabled        perpetual

Serial Number: xx
Running Permanent Activation Key: 0xxxx 0xxxx 0xxxx 0xxxx 0xxxx
Configuration register is 0x10001
Image type                : Release
Key Version               : A
Configuration has not been modified since last system restart.
cisco
cisco-asa
EN

回答 1

Network Engineering用户

回答已采纳

发布于 2019-02-09 03:42:21

@罗恩·特伦克是对的。您的内部SSD已失败(序列号MSA2101XXXX)。您的ASA可能有一个强积金“政策”,是发送流量到SFR模块与失败关闭选项。因此没有交通。

取消政策,照罗恩说的做,然后打电话给交谘会。

票数 0
EN
页面原文内容由Network Engineering提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://networkengineering.stackexchange.com/questions/51495

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 粤公网安备44030502008569号

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档