I have a client that has a Cisco ASA 5505 that sits between their router (provides VOIP phone service) and their Cisco 3550 (Very old version of IOS) that they use as a "Core" switch. This works well most of the time. However, every few months, the ASA will become completely non-responsive, and the client loses interent and VPN access.
I am normally able to resolve this by bouncing the switch port on the 3550, but this did not work yesterday, and I had to get someone to power cycle the ASA. I work remotely most days, so I never seem to be on site when this happens.
I need to figure out a way to diagnose this problem, but the ASA doesn't seem to be logging anything during/before the problem occurs. Not to mention, a power cycle clears out the log buffer, so if that happens, I get nothing.
I am on site today, so I am hoping to take a look at this and at least take some initial diagnostic steps. Does anyone have a suggestion for logs that I can turn on, or other things to check that could cause this behavior?
I don't have SmartNet right now, but I am getting approval to purchase it if needed, but that won't be helpful for today.
Thanks.
Edit, add IOS versions: ASA 5505: Cisco Adaptive Security Appliance Software Version 7.2(4) Device Manager Version 5.2(4)
Cisco 3550: Cisco Internetwork Operating System Software IOS (tm) C3550 Software (C3550-I5Q3L2-M), Version 12.1(9)EA1c, RELEASE SOFTWARE (fc1)
That is a very, very old ASA OS version.
Let's assume for a moment the switch is not involved; it would take an astronomically remote combination of factors and network data to bring down a device which is intended specifically to withstand outside network attacks (i.e., a firewall.)
Logging is trivially enabled on the ASA; configure a syslog server to capture everything to an external location.
The log results are also explained in full in the Cisco documentation; if in doubt, return here with more useful information.