To associate a physical interface with a logical VLAN interface, use the following configuration:Ĭiscoasa(config)# interface physical_nameĬiscoasa(config-if)# switchport access vlan vlan_# To change the properties of the two logical VLAN interfaces, or to create a new logical VLAN interface, use the following configuration:Ĭiscoasa(config-if)# ip address IP_address Ĭiscoasa(config-if)# security-level number Instead, a logical layer 3 interface called a VLAN interface is used. Unlike the other ASAs, the 5505 doesn’t use subinterfaces to associate interfaces with VLANs. To follow the bug ID link below and see detailed bug information, you must be a registered customer and you must be logged in.The 5505 models use of interfaces differs from all the other ASAs: the eight interfaces (e0/0 through e0/7) are layer 2 switch ports.
#Cisco asa 5505 commands software download#
Updated ASA and FTD software versions that address this issue will be published in the coming weeks and will be available from the Cisco Software Download Center. In the System section, click the Restart Device icon.įor both ASA and FTD security appliances, a physical power-cycle can be used in order to perform a reboot. The device can be rebooted with one of these methods.ĬLI – Enter the reload command in privileged mode.ĬLI – Enter the reboot command in privileged mode.įirepower Management Center – Choose Devices > Device Management, double-click FTD, then choose the Device tab.
The output is shown here: ciscoasa# show version | grep up After the reboot, the security appliance avoids an encounter with this issue for another 213 days 12 hours.Įnter the show version | grep up command in order to display the uptime of the security appliance. The reboot of the security appliance must be performed prior to 213 days 12 hours of uptime. Then, move the master to one of the rebooted devices and then remove that device from the cluster, reboot it, and then have it rejoin. Customers with clustering configurations should remove one slave at a time from the cluster, reboot them, and rejoin them until each slave has been rebooted. In order to mitigate the risk and impact of the device not passing network traffic, Cisco urges customers to proactively reboot their Cisco ASA and Cisco FTD security appliances that run affected versions of the software.įor customers with failover configurations, it is recommended to reboot the standby devices first, make them active after they complete booting, and then reboot the formerly active devices. The Cisco ASA and Cisco FTD security appliances stop passing all network traffic.Įntering the show asp drop command over the console port will indicate that packets are being dropped due to the reason punt-rate-limit-exceeded.
The issue detailed in this Field Notice is not a security vulnerability and there is no associated risk to the integrity of the security appliance. The affected versions of software cause the security appliance to stop passing network traffic after approximately 213 days 12 hours (~ 5,124 hours) of uptime. On MaCisco became aware of an issue that affects all Cisco ASA and Cisco FTD security appliances that run certain versions of software. In the near term, immediately reboot the deployed security appliances in order to prevent this issue. All Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) devices that run the affected software versions do not pass network traffic after approximately 213 days 12 hours (~ 5,124 hours) of uptime.