43-13
Cisco Security Appliance Command Line Configuration Guide
OL-12172-03
Chapter 43 Troubleshooting the Security Appliance
Common Problems
Viewing the Crash Dump
If the security appliance crashes, you can view the crash dump information. We recommend contacting
Cisco TAC if you want to interpret the crash dump. See the
show crashdump
command in the
Cisco
Security Appliance Command Reference
.
Common Problems
This section describes common problems with the security appliance, and how you might resolve them.
Symptom
The context configuration was not saved, and was lost when you reloaded.
Possible Cause
You did not save each context within the context execution space. If you are
configuring contexts at the command line, you did not save the current context before you changed
to the next context.
Recommended Action
Save each context within the context execution space using the
copy run start
command. You cannot save contexts from the system execution space.
Symptom
You cannot make a Telnet or SSH connection to the security appliance interface.
Possible Cause
You did not enable Telnet or SSH to the security appliance.
Recommended Action
Enable Telnet or SSH to the security appliance according to the instructions in
“Allowing Telnet Access” section on page 40-1
or the
“Allowing SSH Access” section on page 40-2
.
Symptom
You cannot ping the security appliance interface.
Possible Cause
You disabled ICMP to the security appliance.
Recommended Action
Enable ICMP to the security appliance for your IP address using the
icmp
command.
Symptom
You cannot ping through the security appliance, although the access list allows it.
Possible Cause
You did not enable the ICMP inspection engine or apply access lists on both the
ingress and egress interfaces.
Recommended Action
Because ICMP is a connectionless protocol, the security appliance does not
automatically allow returning traffic through. In addition to an access list on the ingress interface,
you either need to apply an access list to the egress interface to allow replying traffic, or enable the
ICMP inspection engine, which treats ICMP connections as stateful connections.
Summary of Contents for 500 Series
Page 38: ...Contents xxxviii Cisco Security Appliance Command Line Configuration Guide OL 12172 03 ...
Page 45: ...P A R T 1 Getting Started and General Information ...
Page 46: ......
Page 277: ...P A R T 2 Configuring the Firewall ...
Page 278: ......
Page 561: ...P A R T 3 Configuring VPN ...
Page 562: ......
Page 891: ...P A R T 4 System Administration ...
Page 892: ......
Page 975: ...P A R T 5 Reference ...
Page 976: ......